A Bangladeshi government website data leak has exposed the personal information of millions of eGovernment portal users. Security researcher discovered the leaked database while Googling an SQL error.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
CISA's new security-by-design and security-by-default guidance was released in collaboration with multiple other security agencies in the US as well as ones in Australia, Canada, New Zealand, the UK, Germany, and the Netherlands, formalizing the principles at an international level for the first time.
Over 34 million Indonesian passports were leaked in a massive data breach impacting the country’s Immigration Directorate General. Allegedly stolen 4GB of passport data is currently selling for $10,000.
A member of a hacker forum claims that they have stolen Razer's "keys to the kingdom" in the form of source code, encryption keys and employee credentials, and is looking for a $100,000 Monero payout. Razer has yet to confirm the data breach.
The Japanese port of Nagoya suffered a ransomware attack that impacted the central computer system and disrupted cargo operations, causing temporary congestion. LockBit 3.0 has claimed responsibility.
By prioritizing asset management, organizations can enhance their security posture, optimize existing security investments, and meet compliance requirements, ultimately safeguarding their digital assets and operations in the cloud, on-prem, or hybrid environment.
In addition to the DDoS campaign and claimed theft of Microsoft accounts, Anonymous Sudan has busied itself with a campaign of attacks against European banks as of late. Microsoft says there is no evidence of a data breach.
Mobile app developers are realizing that with in-app security they can exceed third-party on-device security that relies on blacklists by only allowing the app to communicate with whitelisted servers. Mobile apps need constant monitoring and closeknit, developer-driven protections against today’s clever cybercriminals.
An Android tracking app sometimes used by parents and employers (along with more unsavory purposes) has been hacked. Data breach affects at least 13,000 devices, along with contact information for about 26,000 customers and location data points for about 13,400 people.
Insider threats are on the rise. What's worse, these threats often fly under the radar for months before they're caught. To prevent an insider threat is to proactively identify and mitigate insider risks. Data and user monitoring tools can be critical by revealing how insiders use data in real-world workflows.









