https://www.scmagazine.com/topic/data-security
SCM feed for Data Security
2024-03-28T13:28:17+00:00
https://files.scmagazine.com/logo/scm-horizontal-white-with-resource.png
Copyright © 2024 CyberRisk Alliance, LLC All Rights Reserved
tag:www.scmagazine.com:post,709762
Unsecured server exposes RentGo data
2024-03-28T09:12:57-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Major Turkish car rental service provider Rent Go had data from more than 161,000 customers exposed due to an unsecured Azure Blob Storage instance, reports Cybernews.</p>
2024-03-28T09:12:52-04:00
tag:www.scmagazine.com:post,709440
Snapchat user traffic reportedly subjected to secret Facebook surveillance
2024-03-27T10:11:28-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>TechCrunch reports that Facebook was revealed to have covertly conducted Snapchat network traffic interception and decryption since 2016 as part of the initiative dubbed "Project Ghostbusters" that sought to bolster user behavior analysis and better compete with the instant messaging app.</p>
2024-03-27T10:11:23-04:00
tag:www.scmagazine.com:post,709435
Nearly 2K Shopify stores' data exposed by plugins
2024-03-27T09:59:51-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>More than 1,800 stores on major e-commerce platform Shopify using Saara's EcoReturns and WyseMe plugins had 25 GB of data exposed due to the developer's misconfigured MongoDB database, according to Cybernews.</p>
2024-03-27T09:59:46-04:00
tag:www.scmagazine.com:post,709425
Separate breaches impact California state, local agencies
2024-03-27T09:39:31-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Cybernews reports that the California Department of Food and Agriculture had individuals' sensitive and personal information leaked to "external users" following the compromise of its external Plant Health and Pest Prevention website discovered earlier this month.</p>
2024-03-27T09:39:26-04:00
tag:www.scmagazine.com:post,708988
GoFetch: Apple chips vulnerable to encryption key stealing attack
2024-03-25T19:02:56-04:00
Laura French
https://www.scmagazine.com/contributor/laura-french
<p>Data memory-dependent prefetching can enable side-channel extraction of cryptographic secrets. </p>
2024-03-25T19:01:29-04:00
GoFetch logo (Credit: Courtesy of Chen et al.)
tag:www.scmagazine.com:post,708895
Vans, North Face parent downplays cyberattack
2024-03-25T12:32:17-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>U.S. global apparel and footwear company VF Corporation, which owns Vans, The North Face, and Supreme, emphasized that the December cyberattack that impacted data from 35.5 million customers did not include any bank information or credit card details, The Register reports.</p>
2024-03-25T12:32:11-04:00
tag:www.scmagazine.com:post,708887
Exposed AT&T data's veracity further proven as telco insists no compromise
2024-03-25T12:28:49-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>TechCrunch reports that data allegedly stolen from AT&T three years ago that contained information from 73 million subscribers was confirmed to be authentic by Have I Been Pwned? administrator Troy Hunt after matching the exposed details with purportedly impacted AT&T customers.</p>
2024-03-25T12:28:44-04:00
tag:www.scmagazine.com:post,708881
Cryptographic key theft likely with new side-channel attack against Apple chips
2024-03-25T12:25:15-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>BleepingComputer reports that threat actors could leverage the novel GoFetch side-channel attack to facilitate the exfiltration of secret cryptographic keys from devices running on Apple M1, M2, and M3 processors.</p>
2024-03-25T12:25:10-04:00
tag:www.scmagazine.com:post,708877
Ongoing Kimsuky attacks involve novel tactic
2024-03-25T12:16:13-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Information-stealing malware has been deployed by North Korean state-backed hacking group Kimsuky in ongoing attacks against South Korean organizations exploiting Compiled HTML Help files, reports The Hacker News.</p>
2024-03-25T12:16:07-04:00
tag:www.scmagazine.com:post,708874
Massive StrelaStealer malware campaign hits US, Europe
2024-03-25T12:13:07-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>More than 100 organizations in the U.S. and Europe have been subjected to a far-reaching StrelaStealer malware attack campaign aimed at exfiltrating email account credentials that peaked from late January to early February, BleepingComputer reports.</p>
2024-03-25T12:13:02-04:00
tag:www.scmagazine.com:post,708574
Is Cozy Bear targeting Western political parties with phishing attacks?
2024-03-22T16:11:13-04:00
Steve Zurier
https://www.scmagazine.com/contributor/steve-zurier
<p>Google Mandiant says APT29 targeted German politicians and is a threat to Western political parties.</p>
2024-03-22T16:07:12-04:00
(Adobe Stock)