Blog

(In) Secure Digest Halloween Edition: What Spooked IS Specialists in October
The Halloween agenda includes a million-dollar scam, a hacker offended by non-recognition of merit, and frighteningly frequent attacks on the game industry representatives.
UAE Warns Residents About Cyber Traps
Today we will talk about the UAE authorities' warnings regarding malicious advertising and... sharing secrets with ChatGPT.
Malaysia's Information Security Boost and the UK's $9.6 Million Data Blunder
Today we will explore Malaysia’s significant step towards mitigating data leaks and the consequences of a 2022 ransomware attack on a British IT company.
(In) Secure Digest: Stolen Shib Coins, the Disney Villain, and the Leak of Millions of Americans' Data
In this edition: the latest twist in the Snowflake saga, the adventures of robots.txt, and the case of meme-coin theft.
(In) Secure Digest: the Unprotected Server, the Marine Data Leak and a Supply Chain Attack
In May's edition, we'll reveal: the case of an unscrupulous medical company; an accidental data leak caused by a SaaS vendor; and the consequences of negligence at India's largest electronics manufacturer.
(In) Secure Digest: If There Were Darwin Awards in 2024
In April, we traditionally ask our Leading Analyst Sergio Bertoni to share his selection of funny, ridiculous and silly IS incidents.
(In)Secure Digest: Mega Leaks, Deepfakes Calls and Ransomware Attack
In our traditional monthly digest, we've gathered a bunch of recent information security incidents.
Unexpected Findings With the Help of a DCAP Solution, or How We Performed an Audit of Our File System, Part 1
Today we decided to reveal a few illustrative cases from the audit of our own file storage and to show that the statistics provided by clients are not an exaggeration.
Two Recent Information Security Incidents Resulted in Exposure of Customer Data
Here's another roundup of the latest information security incidents you need to know about today.
Recent data privacy incidents
A data leak and massive phishing attack on social network users.
Leak and misuse of clients’ personal data
Details on a few incidents related to violations of clients’ privacy.
The new portion of significant data incidents
Details on a number of tremendous data-related incidents were exposed recently.
A new portion of fines for inadequate data protection
Details on a few cases in which companies that failed to implement adequate data protection were fined.
PCI certification
PCI DSS and PCI Certification: All You Need to Know
Australian companies have experienced large data privacy incidents
Latitude Financial, a large Australian company in the financial industry, and IP firm IPH have experienced data privacy incidents.
Large troves of tech giants’ data leaked
Recently, ACER and Acronis have experienced massive data-related incidents.
(In)secure digest: enormous data leaks and insider’s revelations
The time has come to discuss the major data-related incidents that happened in February.
A famous video game publisher has recently experienced an alleged data related incident
An unidentified intruder has exposed Activision employees’ data. Overall, nearly 20.000 recordings were made publicly available.
Fizzy giant manufacturer experienced a data related incident
Pepsi Bottling Ventures LLC data was illicitly obtained and extracted through the deployment of info-stealer malware.
Data privacy incident in the healthcare sector
Details on a cybersecurity incident in the healthcare sector became publicly known recently.
Microsoft credentials leak
Internal login credentials were accidentally uploaded to the company’s own infrastructure on GitHub.
Confidential documents and personal data leaked due to insider activities
A Central Florida construction firm has recently experienced a data breach. An employee stole a massive amount of confidential data just before resigning.
Exposure of 23 million users’ data
Due to a dangerous misconfiguration by a third-party database owner, the personal data of 23 million users was exposed.
Another personal data leak: CafePress clients affected this time
CafePress got its consumers’ sensitive personal data, including Social Security numbers, exposed. The claim against Residual Pumpkin Entity, the former owner of CafePress, and PlanetArt, the current owner of CafePress, was filed by the Federal Trade Commission. The main issue of the claim is that the organization failed to ensure the safety of clients’ personal data (including Social Security numbers) and covered up the data breach.
Oregon state failed to ensure employees' privacy
And seemingly did so deliberately, at least according to the plaintiffs.
Government sector faces human factor data breach issue
The Australian public sector is concerned about the growing number of information leakage episodes caused by employee mistakes.
Ex-employee takes data to a new job
A former SoftBank employee took data to another company, whereas the Canadian firm Aurora Cannabis informed its staffers about breached personal data on the last day of the year.
Ledger hardware wallet breach echoes with phishing
The investigation into the Ledger compromised security case was launched after the data breach which dates back to June 25, 2020.
(In)secure digest: Tesla sabotage, hospital blackmailer and excessively patriotic President
Every month we enrich our collection of classic and non-trivial cybersecurity cases. Data leaks, frauds, sabotage, and other incidents caused by insiders are of interest to us.
How much can a former employee cost you?
Keeping the accounts of dismissed employees active and failing to revoke excessive rights might be one of the biggest mistakes a company can make.
U.S. city will pay the Office for Civil Rights $202,400
New Haven, Connecticut, didn’t deny access and left confidential health information available to a former employee.
A customer guessed a password
A customer guessed a WeWork shared user account password for employees
Aetna charged $1m for three data breaches under HIPAA
Under HIPAA (the Health Insurance Portability and Accountability Act), a $1 million penalty has been exacted from Aetna, a U.S. health care insurance company.
Information security in small businesses demands owners' and execs' attention
Every third employee considers information security within a company an average or a massive issue.
What is confidential information and how does it affect your finances?
There is an edifying example, which proves common knowledge that there is many a slip ‘twixt cup and lip.
Leaked on purpose
The Intel leakage was intentional, according to both Intel and ZDNet.
Use case: eDiscovery
Proper information governance facilitates data search and analysis required for internal investigation.
Use case: file cleanup
To transform disorganized data into valuable insights, you need a powerful tool that assists with file analysis and ensures frequent information verification.
Ensuring security and compliance in multi-departmental teams
Because different departments have their own specific risk management frameworks, they lack correlation and coordination; enterprise risk management ensures consistency.
Compliance
Regulatory internet data laws you should be aware of and maintain compliance with
Dutch authority charges under GDPR
Dutch Data Protection Authority charges Dutch Credit Registration Bureau €830,000.
How to comply with the Bill effectively?
The Personal Data Protection Bill has been developed for three years already and requires attention to the issue of efficient compliance.
User data up for sale on the dark web
Data of patients and mobile users from Pakistan and Indonesia was offered for a considerable sum
The CIA and its major security incident
This year, the court case against the employee who leaked the CIA's data to WikiLeaks in 2016 has been resumed
BEML sensitive data leaked
BEML, an Indian defence contractor, couldn't protect internal documents from appearing on the dark web