Infosys McCamish Systems has disclosed that the LockBit ransomware gang stole the personal information of 6 million people during the November 2023 data breach which affected companies including Bank of America and Fidelity Investments Life Insurance.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Asian food giant Jollibee is investigating a data breach that impacted at least 11 million customers and other restaurants, including Burger King and Panda Express.
The cyber crime group that locked up an Indonesian national data center last month, impacting hundreds of government services, has opted to provide the ransomware decryptor for free. This was accompanied by an apology, but also a donation link exhorting the Indonesian government and public to show gratitude for their supposed generosity.
The data breach first emerged in late June when the hacking group ShinyHunters posted a dump of 33 million phone numbers to BreachForums, now confirmed to be taken from an Authy API endpoint.
Today’s CISOs do not have the easiest job. They are tasked with safeguarding a company’s digital, identity, and data assets, protecting customer data, maintaining trust with stakeholders, achieving and maintaining a variety of changing compliance standards and frameworks, all while being asked to consolidate budget and communicate their impact to leadership.
CISA is warning high-risk chemical facilities of potential data theft after a threat actor breached the agency's Chemical Security Assessment Tool (CSAT) via Ivanti Connect security flaws.
Skeleton key attacks craft the right statement to convince AI models to shed their guardrails entirely. Once a functional statement has been developed, it is essentially a "plug and play" method to jailbreak a variety of models.
Luxury goods retailer Neiman Marcus Group confirms a data breach linked to the Snowflake hack allowing hackers to access the personal information of over 64,000 people.
A new OpenSSH vulnerability discovered by threat researchers is the biggest security issue to appear in the utility suite in about two decades. The bug is an unauthenticated RCE vulnerability that builds on a prior issue that was patched out in 2006.
A statement of claim attached to mandatory court filings reveals that the ACMA will frame the Optus data breach as a case of negligence, asserting that the company failed to address an access control coding error that it had known about for some years.










