The Medusa ransomware gang is claiming responsibility for an alleged NASCAR data breach that allegedly leaked one terabyte of data.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Car rental giant Hertz Corporation has confirmed a data breach stemming from the Cleo managed file sharing platform's zero-day vulnerabilities that have affected nearly 100 organizations.
We must advance our understanding and catch up to hackers by proclaiming that the security perimeter, as we knew it, no longer exists. When proof of identity is all we need to access our most sensitive, critical data, then the security perimeter is each and every one of us.
A bipartisan bill has been introduced to the Senate that would extend the terms of the Cybersecurity Information Sharing Act of 2015, widely seen as a vital national cybersecurity law.
The secret meeting took place in Geneva in December 2024. The source says that the remarks were "indirect" and "somewhat ambiguous," but were enough to implicate Volt Typhoon and the Chinese government in the cyber attacks that have plagued US critical infrastructure.
Sensata Technologies, a manufacturer of mission-critical sensors and electrical protection components, has suffered a ransomware attack that disrupted various operations.
Planned Parenthood lab services provider Laboratory Services Cooperative (LSC) has disclosed a data breach that exposed the health data of 1.6 million people after hackers breached its systems.
MITRE, which has its headquarters in the US, has relied on federal funding for decades. Its contract for the development of the CVE program ended on April 16. The contract extension, put in place just before the deadline, grants it at least 11 more months of life.
WK Kellogg Confirms Data Breach from Cleo Managed File Transfer System Attributed to Clop Ransomware
U.S. food giant WK Kellogg Co. has disclosed a data breach that affected Cleo, a third-party managed file transfer system that allowed a threat actor to access sensitive information.
A June 2023 security breach at the Treasury's Office of the Comptroller of the Currency led to the theft of over 150,000 emails from about 100 accounts, but the damage is possibly more extensive as the hackers likely lurked in the bank regulator's systems into early 2025.