Category

Policy Enforcement

Policy Enforcement page 1

cyber threat attacks customer data theft US Health Insurance Industry 

Increasing risk of customer data theft on US Health Insurance industry 

The health insurance industry in the US is now facing an increased risk of cyber threat attacks due to the rise of sophisticated exploitative techniques being used and developed by cybercriminals and fraudsters. This is due to the expansion of industries towards online digitization in conducting transactions, billing, and client records.  Health insurers or related...
Continue Reading
ethical hackers researchers hacked indian government critical vulnerabilities flaws

Researcher team hacked Indian government websites by using exposed git and env files

Ethical hackers and cybersecurity researchers disclosed more information on how multiple websites of the Indian government got hacked and breached. Just last month, researchers from the Sakura Samurai hacking group had discovered and disclosed their breach and findings via a large number of critical vulnerabilities on the cyber systems of the Indian government. The full...
Continue Reading
vendor supply chain knowledge gap third-party risk assessment

Third-party cyber risk, The vendor supply chain knowledge gap

The recent SolarWinds cyberattack exposed a third-party supply chain weakness using exploitable vulnerabilities on other widely distributed and implemented software and system offerings available in the market. Still, many enterprises have little insight into the set of suppliers currently being used in their infrastructure systems. Based on a survey conducted by BlueVoyant, out of 1,500...
Continue Reading
iobit ransomware DeroHe vulnerability brand abuse

IOBit group forum hacked to spread ransomware to members

New player ransomware – DeroHe has recently added to their victim an established computer utility developer on their list. Their recent victim is the IOBit company that started in 2004, developing various applications that focus on computer optimization and virus/malware protection.  According to the report, the attack was orchestrated to the group forum of IOBit...
Continue Reading
hackney council UK London Compromised Data Stolen Data Published Pysa

Data Stolen from Hackney Council in London published online

Hackney Council in the United Kingdom allegedly has their sensitive private data stolen and published online three months after the reported serious ransomware attack that they encountered last October 2020 which have affected their IT systems and network.   The publishing of the stolen data has been claimed by a cyber-crime group known as Pysa/Mespinoza. They had...
Continue Reading
7 Million Indian Credit Debit Card Data Leak Dark Web

Credit and debit card data leak of 7 million Indian in the Dark Web

The current trend in the dark web highlighted data leak of almost 7 million Indian cardholders’ sensitive information that has been discovered for public view. Based on different cybersecurity organizations’ testimony on the leaked database, they confirmed that the data is as large as 2 GB and includes PAN numbers sold off in the dark...
Continue Reading
solarwinds orion github passwordl eak CozyBear APT

SolarWinds’ Orion platform Github password leak

The Cybercommunity is currently in chaos as Solarwinds, developer of network management software has confirmed that their sophisticated Orion IT software has been compromised and affected system access was sold off in the underground forum of hackers. The latest report told the 18,000 companies out of 300,000 have been affected by such intrusion. The magnitude...
Continue Reading
google outage operation aurora DDOS china

Google outage a throw back to the sponsored hackers in China: Operation Aurora

A few days passed; the cyber community again experienced another worldwide Distributed-Denial-of-Service (DDoS) that hits one of the tech giant service providers. With billions of users, Google has been struck by such attacks that led to most of its services – Gmail, Calendar, and Youtube have been inaccessible for a few hours. Based on the...
Continue Reading
botnet hackers unsecured ENV files internet

Botnets being used by Hackers to scan The Internet for Unsecured ENV Files

Moving stealthily in the background, several hackers have been scouring the internet in a vast and massive search campaign that started probably 3-years ago. The targets of their search campaign are the exposed and unprotected ENV files on multiple web servers worldwide. ENV files (environment files) are data files used by an operating system on...
Continue Reading
Prestige Software data leak misconfigured storage

Prestige Software hotel reservation system Data Leak

Approximately a whopping 25 GB of sensitive personal information was leaked on the net from a misconfigured AWS S3 bucket of Prestige Software. The company is based in Barcelona, Spain that caters to software-based solutions mostly for Cloud Hospitality. The company’s few well-known clients are Expedia, Amadeus, Booking.com, Hotels.com, Agoda, Omnibees, and other similar businesses...
Continue Reading
1 2 3 6