DataBreachToday.com
Navy Federal Credit Union Backup Exposed Online
7 hours 26 minutes ago
Researcher: Internal Data Belonging to World’s Largest Lender Exposed on AWS
Navy Federal, the world’s largest credit union, left hundreds of gigabytes of internal backup files exposed on Amazon’s cloud storage service, says cybersecurity researcher Jeremiah Fowler. Exposed data included email addresses, hashed passwords and what appeared to be internal system data.
Navy Federal, the world’s largest credit union, left hundreds of gigabytes of internal backup files exposed on Amazon’s cloud storage service, says cybersecurity researcher Jeremiah Fowler. Exposed data included email addresses, hashed passwords and what appeared to be internal system data.
Varonis Acquires SlashNext to Combat Phishing, Email Attacks
7 hours 26 minutes ago
Acquisition Targets Business Email Compromise, Impersonation and Spear-Phishing
Varonis has acquired SlashNext to strengthen detection of phishing and social engineering attacks. The integration will help prevent identity compromises via email, SMS and collaboration tools while enhancing Miami-based Varonis’ AI-driven data protection.
Varonis has acquired SlashNext to strengthen detection of phishing and social engineering attacks. The integration will help prevent identity compromises via email, SMS and collaboration tools while enhancing Miami-based Varonis’ AI-driven data protection.
Hacks on Specialty Health Entities Affect Nearly 900,000
7 hours 26 minutes ago
Orthopedic Group, Medical Imaging Centers, Home Healthcare Provider Report Breaches
Specialty healthcare providers know what they're about when it comes to an irregular heartbeat or a wheezing lung. Cybersecurity, not so much. Hacks on specialty medical entities easily result in tens of thousands, if not hundreds of thousands, or even millions, of patient records being compromised.
Specialty healthcare providers know what they're about when it comes to an irregular heartbeat or a wheezing lung. Cybersecurity, not so much. Hacks on specialty medical entities easily result in tens of thousands, if not hundreds of thousands, or even millions, of patient records being compromised.
Silver Fox APT Abuses Windows Driver in Active Campaign
7 hours 26 minutes ago
Gap in Microsoft Blocklist Exploited, ValleyRAT Runs Undetected
A Chinese nation-state cyber group is exploiting a Microsoft-signed driver to shut down Windows security protections. The attackers deployed the driver through a custom loader. The core weakness that Silver Fox relied on remained exploitable even after patching.
A Chinese nation-state cyber group is exploiting a Microsoft-signed driver to shut down Windows security protections. The attackers deployed the driver through a custom loader. The core weakness that Silver Fox relied on remained exploitable even after patching.
Salesloft Drift Attacks Exposed Zscaler Customer Data
23 hours 26 minutes ago
'Widespread Data Theft Campaign' Compromised Many Drift OAuth Tokens, Warn Experts
Threat researchers report that "a widespread data theft campaign" traces to attackers stealing OAuth access tokens for applications integrated with Salesloft's AI chatbot Drift, then exfiltrating data. Victims include Salesforce customers Zscaler and Palo Alto Networks.
Threat researchers report that "a widespread data theft campaign" traces to attackers stealing OAuth access tokens for applications integrated with Salesloft's AI chatbot Drift, then exfiltrating data. Victims include Salesforce customers Zscaler and Palo Alto Networks.
Event Horizon for Vibe Hacking Draws Closer, Anthropic Warns
1 day 15 hours ago
Cyber Extortion Campaign Automated Efforts to 'Unprecedented' Degree, Says AI Giant
Artificial intelligence giant Anthropic said it's disrupted a cybercrime operation that tapped its large language models, including Claude Code, to an "unprecedented" extent to help automate a data theft and extortion campaign that targeted more than a dozen critical infrastructure organizations.
Artificial intelligence giant Anthropic said it's disrupted a cybercrime operation that tapped its large language models, including Claude Code, to an "unprecedented" extent to help automate a data theft and extortion campaign that targeted more than a dozen critical infrastructure organizations.
Austria's Interior Ministry Says 100 Email Accounts Breached
1 day 15 hours ago
No Law Enforcement Information or Austrian Personal Data Compromised, Officials Say
The Austrian government said a "targeted and professional" hack attack breached about 100 government email accounts in its interior ministry, which is chiefly responsible for public safety. Attackers also stole data, although officials said no law enforcement or personal data was exposed.
The Austrian government said a "targeted and professional" hack attack breached about 100 government email accounts in its interior ministry, which is chiefly responsible for public safety. Attackers also stole data, although officials said no law enforcement or personal data was exposed.
Law Enforcement Operation Seizes Fake ID Platform VerifTools
2 days 3 hours ago
FBI Seizes Domains; Dutch Police Analyzing Seized Data to Identify Admin and Users
An international law enforcement operation involving the FBI and Dutch police has shuttered VerifTools, a "key" platform for generating fake identification documents cops have tied to multiple help desk fraud, cryptocurrency theft and other cybercrime cases.
An international law enforcement operation involving the FBI and Dutch police has shuttered VerifTools, a "key" platform for generating fake identification documents cops have tied to multiple help desk fraud, cryptocurrency theft and other cybercrime cases.
Live Webinar | Machines, Mergers, and Missteps: Defending Identity in Manufacturing’s Industrial Revolution
4 days 17 hours ago
Live Webinar | What's New in Google SecOps: How AI Agents are Revolutionizing the Modern SOC
4 days 17 hours ago
ISMG Editors: Whistleblower's Social Security Data Bombshell
4 days 17 hours ago
Also: Netskope's High-Stakes IPO, How AI Sovereignty Threatens Our Shared Reality
In this week's update, four ISMG editors discussed explosive whistleblower claims about alleged mishandling of Americans' sensitive U.S. Social Security data, Netskope's push for an initial public offering and the global fight over the geopolitical sovereignty of artificial intelligence platforms.
In this week's update, four ISMG editors discussed explosive whistleblower claims about alleged mishandling of Americans' sensitive U.S. Social Security data, Netskope's push for an initial public offering and the global fight over the geopolitical sovereignty of artificial intelligence platforms.
Nevada Dental Practice Notifying 1.2M of Hack
4 days 17 hours ago
Absolute Dental Says Breach Involved Third-Party Managed Services Firm
A Nevada dental practice is notifying more than 1.2 million individuals of a hacking incident that compromised sensitive health and personal information. The incident involved "inadvertent execution of a malicious version of a legitimate software tool," said Absolute Dental.
A Nevada dental practice is notifying more than 1.2 million individuals of a hacking incident that compromised sensitive health and personal information. The incident involved "inadvertent execution of a malicious version of a legitimate software tool," said Absolute Dental.
Pentagon Probes Microsoft's Use of Chinese Coders
4 days 17 hours ago
Defense Department Suspends, Reviews Microsoft 'Digital Escorts' Program
The Pentagon is reviewing Microsoft's decade-long use of "digital escorts" - U.S.-based staff who review code from Chinese engineers - into military cloud systems, a workaround now deemed a "breach of trust" that may have exposed sensitive but unclassified government data.
The Pentagon is reviewing Microsoft's decade-long use of "digital escorts" - U.S.-based staff who review code from Chinese engineers - into military cloud systems, a workaround now deemed a "breach of trust" that may have exposed sensitive but unclassified government data.
Palo Alto, Fortinet, Check Point Control Firewall Gartner MQ
4 days 17 hours ago
Cisco Visionary, HPE Juniper Challenger in Inaugural Hybrid Mesh Firewall Ranking
Network security behemoths Palo Alto Networks, Fortinet and Check Point Software topped Gartner's first-ever Magic Quadrant for hybrid mesh firewalls. Gartner said the firewall market is moving toward centralized orchestration, interoperability and AI-powered automation.
Network security behemoths Palo Alto Networks, Fortinet and Check Point Software topped Gartner's first-ever Magic Quadrant for hybrid mesh firewalls. Gartner said the firewall market is moving toward centralized orchestration, interoperability and AI-powered automation.
Webinar | Phishing Surged 80% in Israel — AI is the Only Way to Stay Ahead
5 days 4 hours ago
AI and the New Rules of Observability
5 days 4 hours ago
FPT's Leonard Bertelli on the Shift From Reactive Monitoring to Predictive Insight
Observability has now become a mission-critical capability for enterprises operating complex, distributed and AI-driven systems. Leonard Bertelli, senior vice president at FPT Americas, shares how observability is changing and why both culture and technology must align to move enterprises forward.
Observability has now become a mission-critical capability for enterprises operating complex, distributed and AI-driven systems. Leonard Bertelli, senior vice president at FPT Americas, shares how observability is changing and why both culture and technology must align to move enterprises forward.
CISO Webinar | Rapid AI Adoption in the UK is Creating a New Attack Surface
5 days 10 hours ago
OpenAI, Anthropic Swap Safety Reviews
5 days 10 hours ago
AI Giants Evaluated Each Other's Newer Models for Safety Risks
OpenAI and Anthropic evaluated each other's AI models in the summer, testing for concerning behaviors that could indicate misalignment risks. Both companies released their findings simultaneously: no model was severely problematic, but all showed plenty of troubling behavior in testing scenarios.
OpenAI and Anthropic evaluated each other's AI models in the summer, testing for concerning behaviors that could indicate misalignment risks. Both companies released their findings simultaneously: no model was severely problematic, but all showed plenty of troubling behavior in testing scenarios.
Safeguarding Healthcare With Secure and Smart Hospitals
5 days 10 hours ago
Oslo University Hospital CSO Torkel Thune on Nordic Threat Landscape
Torkel Thune, head of the department for architecture, operational IT security and chief security officer at Oslo University Hospital, discusses how global shifts are affecting cybersecurity for the Nordic region, and how healthcare is especially vulnerable.
Torkel Thune, head of the department for architecture, operational IT security and chief security officer at Oslo University Hospital, discusses how global shifts are affecting cybersecurity for the Nordic region, and how healthcare is especially vulnerable.
Checked
7 hours 26 minutes ago
DataBreachToday.com RSS News Feeds on data breach today news, regulations, blogs and education
DataBreachToday.com feed