data exfiltration - Cloud Security Alliance News Clipping Site

Krebs on Security: Fintech Giant Finastra Investigating Data Breach

Nov 20, 2024

—

by

Source URL: https://krebsonsecurity.com/2024/11/fintech-giant-finastra-investigating-data-breach/ Source: Krebs on Security Title: Fintech Giant Finastra Investigating Data Breach Feedly Summary: The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of…

Cloud Blog: New ways to protect your sensitive data with Chrome Enterprise

Nov 19, 2024

—

by

system automation

in Uncategorized

Source URL: https://cloud.google.com/blog/products/chrome-enterprise/new-ways-to-protect-your-sensitive-data-with-chrome-enterprise/ Source: Cloud Blog Title: New ways to protect your sensitive data with Chrome Enterprise Feedly Summary: Protecting sensitive company data is no longer just a best practice—it’s business critical. In today’s world, data breaches can have serious consequences, from financial losses and reputational damage to legal repercussions and operational disruptions. That’s why…

The Register: Ford ‘actively investigating’ after employee data allegedly parked on leak site

Nov 19, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/18/ford_actively_investigating_breach/ Source: The Register Title: Ford ‘actively investigating’ after employee data allegedly parked on leak site Feedly Summary: Plus: Maxar Space Systems confirms employee info stolen in digital intrusion Ford Motor Company says it is looking into allegations of a data breach after attackers claimed to have stolen an internal database containing 44,000…

The Register: T-Mobile US ‘monitoring’ China’s ‘industry-wide attack’ amid fresh security breach fears

Nov 18, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/11/18/tmobile_us_attack_salt_typhoon/ Source: The Register Title: T-Mobile US ‘monitoring’ China’s ‘industry-wide attack’ amid fresh security breach fears Feedly Summary: Un-carrier said to be among those hit by Salt Typhoon, including AT&T, Verizon T-Mobile US said it is “monitoring" an "industry-wide" cyber-espionage campaign against American networks – amid fears Chinese government-backed spies compromised the un-carrier…

Cloud Blog: Secure your data ecosystem: a multi-layered approach with Google Cloud

Nov 14, 2024

—

by

system automation

in Uncategorized

Source URL: https://cloud.google.com/blog/products/data-analytics/learn-how-to-build-a-secure-data-platform-with-google-cloud-ebook/ Source: Cloud Blog Title: Secure your data ecosystem: a multi-layered approach with Google Cloud Feedly Summary: It’s an exciting time in the world of data and analytics, with more organizations harnessing the power of data and AI to help transform and grow their businesses. But in a threat landscape with increasingly sophisticated…

Cisco Talos Blog: New PXA Stealer targets government and education sectors for sensitive information

Nov 14, 2024

—

by

system automation

in Uncategorized

Source URL: https://blog.talosintelligence.com/new-pxa-stealer/ Source: Cisco Talos Blog Title: New PXA Stealer targets government and education sectors for sensitive information Feedly Summary: Cisco Talos discovered a new information stealing campaign operated by a Vietnamese-speaking threat actor targeting government and education entities in Europe and Asia. AI Summary and Description: Yes Summary: The text discusses a threat…

Microsoft Security Blog: Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network

Nov 1, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2024/10/31/chinese-threat-actor-storm-0940-uses-credentials-from-password-spray-attacks-from-a-covert-network/ Source: Microsoft Security Blog Title: Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network Feedly Summary: Since August 2023, Microsoft has observed intrusion activity targeting and successfully stealing credentials from multiple Microsoft customers that is enabled by highly evasive password spray attacks. Microsoft has linked the source…

Cloud Blog: Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)

Oct 24, 2024

—

by

system automation

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/fortimanager-zero-day-exploitation-cve-2024-47575/ Source: Cloud Blog Title: Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575) Feedly Summary: Written by: Foti Castelan, Max Thauer, JP Glab, Gabby Roncone, Tufail Ahmed, Jared Wilson Summary In October 2024, Mandiant collaborated with Fortinet to investigate the mass exploitation of FortiManager appliances across 50+ potentially compromised FortiManager devices in various industries. The vulnerability,…

Cisco Talos Blog: Highlighting TA866/Asylum Ambuscade Activity Since 2021

Oct 23, 2024

—

by

system automation

in Uncategorized

Source URL: https://blog.talosintelligence.com/highlighting-ta866-asylum-ambuscade/ Source: Cisco Talos Blog Title: Highlighting TA866/Asylum Ambuscade Activity Since 2021 Feedly Summary: TA866 (also known as Asylum Ambuscade) is a threat actor that has been conducting intrusion operations since at least 2020. AI Summary and Description: Yes Summary: The text provides an extensive analysis of the threat actor TA866 (Asylum Ambuscade),…

The Register: Tech firms to pay millions in SEC penalties for misleading SolarWinds disclosures

Oct 22, 2024

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2024/10/22/sec_fines_four_tech_firms/ Source: The Register Title: Tech firms to pay millions in SEC penalties for misleading SolarWinds disclosures Feedly Summary: Unisys, Avaya, Check Point, and Mimecast settled with the agency without admitting or denying wrongdoing Four high-profile tech companies reached an agreement with the Securities and Exchange Commission to pay millions of dollars in…

Tag: data exfiltration