data theft

DHS insider breach resulted in theft of personal info of staff and people involved in investigations
The US DHS Office of Inspector General (OIG) has confirmed that the “privacy incident” discovered in May 2017 resulted in the theft of personally identifiable …

Tizi backdoor rooted Android devices by exploiting old vulnerabilities
Google has discovered and removed from Google Play a number of apps that contained the Tizi backdoor, which installs spyware to steal sensitive data from popular social media …

Imgur confirms breach, 1.7 million users affected
Popular image hosting website Imgur has announced on Friday that hackers stole usernames and passwords of 1.7 million of its users. The breach dates back to 2014, when Imgur …

Data exfiltration tool PTP-RAT encodes data in pixel colour values
How to exfiltrate data from a machine that doesn’t have file transfer capabilities or whose Remote Desktop Protocol (RDP) connection has been locked down, making it …

Malicious Chrome extension steals all data
There’s a glut of malicious Google Chrome extensions out there, but some are more harmful than others. The one that SANS ISC incident handler Renato Marinho has dubbed …

Defense contractors, manufacturers targeted with malware-as-a-service infostealer
Information stealing FormBook malware is being lobbed at defense contractors, manufacturers and firms in the aerospace sector in the US and South Korea. Delivery methods The …

Disqus, Forrester Research suffer data breach
Popular blog comment hosting service Disqus and market research company Forrester Research announced late on Friday that they’ve suffered a breach. While the latter was …

The 2013 Yahoo breach affected all 3 billion of its users
Yahoo, now part of the newly created Verizon subsidiary Oath, has announced that the 2013 breach it disclosed in December 2016 affected more users than previously believed. …

Equifax, former CEO reveal more details about the devastating breach
Mandiant has concluded the forensic part of its Equifax breach investigation, and the results are as follows: 2.5 million additional US consumers were potentially impacted, …

XPCTRA financial malware leaves no stone unturned
A Trojan that has previously been only stealing users’ banking credentials has been modified to do much more than that. This new variant, dubbed XPCTRA, can also steal …

Hackers stole contact info of 6 million Instagram users and are selling it online
Last week, Instagram pushed out a patch for a bug in the service’s API that allowed attackers to discover users’ email address and/or phone number. Facebook-owned …

Seagate to pay millions for forking over employee info to scammers
A moment of inattention by one of its employees, and Seagate stands to lose tens of millions of dollars. No, the company was not the victim of a BEC scam – instead, it …
Featured news
Resources
Don't miss
- It’s time to secure the extended digital supply chain
- SysReptor: Open-source penetration testing reporting platform
- Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)
- 8Base ransomware group leaders arrested, leak site seized
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)