#DataProtection

HHS Cloud Systems at Risk

The Department of Health and Human Services (HHS) faces significant cloud security vulnerabilities, as highlighted in a recent audit by the Office of Inspector General (OIG). The report reveals weaknesses in a dozen security controls and inadequacies in HHS’ cloud inventory processes. Critical issues include a lack of multifactor authentication …

Read More

Rising Threats to Cloud Data

As cloud usage becomes vital for organizations, it has also become a target for cyberattacks. A recent report by Thales highlights that 47% of corporate data stored in the cloud is sensitive, making cloud security a top priority. SaaS applications, cloud storage, and cloud management infrastructure are the leading attack …

Read More

Hackers Breach Alabama Education Data 

Alabama’s State Department of Education recently experienced a significant data breach following a thwarted ransomware attack on June 17. Although IT professionals managed to stop the attack, threat actors accessed some data and disrupted services. Superintendent Eric Mackey revealed that while the full extent of the breach is still being …

Read More

GitHub, Microsoft Passkey Vulnerabilities Exposed 

Adversary-in-the-middle (AitM) attacks are exposing vulnerabilities in passkey authentication by stripping passkey options from login pages. That forces users to rely on less secure authentication methods, making their accounts susceptible to compromise. Joe Stewart from eSentire’s Threat Response Unit highlights that the problem lies not in the passkeys themselves but …

Read More

Ransomware Attack Paralyzes Patelco Services

Patelco Credit Union, one of the oldest and largest credit unions in the U.S., suffered a significant ransomware attack on June 29, 2024. The cyber assault forced the shutdown of Patelco’s online banking platform, mobile app, and call center operations, affecting nearly 500,000 members in the Bay Area and Northern …

Read More

Amtrak Loyalty Breach

Amtrak recently disclosed a breach affecting its Guest Rewards accounts, where attackers used previously compromised credentials to access sensitive user data from May 15-18. Although Amtrak’s systems were not hacked directly, the unauthorized access exposed personal information including names, contact details, partial payment information, and travel history. The attackers even …

Read More