Fraud Management

Vulnerabilities

Issued by: DataBreach Today

Cisco on Monday patched a zero-day vulnerability discovered months ago that allowed a China-nexus hacker to execute arbitrary commands as root on the compromised devices. The threat group, dubbed Velvet Ant, remotely connected to Cisco’s NX-OS software used in switches and executed malicious code. The networking giant in an advisory attributes the discovery to cybersecurity…

News

Issued by: DataBreach Today

Thousands of students in New Jersey were unable to attend school Monday after a cybersecurity incident caused technical difficulties across the Freehold Township School District, administrators said. Superintendent of Schools Neal Dickstein sent an email to families late Sunday night announcing that classes were canceled for the entire district, which includes an early childhood learning…

News

Issued by: DataBreach Today

A Russian man accused by the United States of trafficking in a hacked database of online credentials will apparently evade American courts after the Russian government said it had succeeded in extraditing him. Russian prosecutors said authorities in Kazakhstan will transfer the man, Nikita Kislitsin, to face charges related to an October 2022 hacking incident…

Malware & Threats

Issued by: DataBreach Today

The BlackCat ransomware-as-a-service operation’s putative “unseizing” of its leak site from the FBI is a stunt made possible by way the dark web handles address resolution, security researchers said Monday. The stunt was a “tactical error” that could alienate affiliates. U.S. authorities as part of an international law enforcement operation announced Monday morning that they…

Malware & Threats

Issued by: DataBreach Today

Stopping the ransomware epidemic is less about tackling individual crypto-locking malware variants and more about combating the entire ecosystem of bad actors underpinning digital extortion, the British government said Monday. Behind any infection from name-brand ransomware such as LockBit or BlackCat lies a loose network of affiliates, initial access brokers and other actors, warned the…

Malware & Threats

Issued by: DataBreach Today

Swedish DPA Fines Insurer The Swedish data protection authority fined insurer Trygg-Hansa $3 million for a data breach that exposed the sensitive information of approximately 650,000 customers through the company’s online portal. The data protection authority’s investigation revealed the exposure had gone on for over two years, from October 2018 to February 2021. The breach…

Malware & Threats

Issued by: DataBreach Today

When is a LockBit ransomware attack not actually a LockBit attack? Cyber defenders are reporting a profusion of attacks involving stolen or reused strains of ransomware. Blame a variety of factors, including law enforcement crackdowns on big-name brands, evolving ransomware business models and at least one case of a ransomware group leader with poor people…

Malware & Threats

Issued by: DataBreach Today

An international law enforcement operation took down a phishing-as-a-service website that security researchers say was responsible for more than 150,000 phishing domains. Authorities in Indonesia arrested the site’s alleged administrator and another man, while Japanese police arrested an additional suspect, Interpol announced Tuesday. The site, 16shop, has been in existence since at least 2017. It…

Application Security

Issued by: DataBreach Today

The desire for digital acceleration has led organizations to drive toward delivering faster and better application experiences and to bring applications and data closer to users and devices. Many organizations realize that application journeys are fluid in practice because applications can live anywhere from data centers to hybrid and multi-clouds to edge compute. The reason…