Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Ascension discloses new data breach after third-party hacking incident
Description: ​Ascension, one of the largest private healthcare systems in the United States, is notifying patients that their personal and health information was stolen in a December 2024 data theft attack, which affected a former business partner. [...]
Source: BleepingComputer
April 30th, 2025 (about 1 month ago)
The Future of Cloud Access Management: How Tenable Cloud Security Redefines Just-in-Time Access
Description: Traditional approaches to cloud access rely on static, permanent permissions that are often overprivileged. Learn how just-in-time access completely changes the game.The access challenge in modern cloud environmentsAs cloud adoption accelerates, organizations are grappling with a fundamental security challenge: How do you grant people the access they need — such as on-call developers needing to debug problems, site reliability engineers (SREs) needing to repair issues with infrastructure, or DevOps engineers needing to provision or architect resources — without opening the door to overprivileged accounts and breach risks?Traditional approaches rely heavily on static, permanent permissions. Human users often receive more access than necessary simply because it’s hard to predict specifically which permissions they’ll need. These permissions rarely get revoked, leaving organizations exposed.This is where Tenable Cloud Security changes the game. As a powerful cloud-native application protection platform (CNAPP) solution, Tenable Cloud Security doesn't just identify access-related risk — it actively helps you solve it.In this blog, we explore how you can address the excessive permissions challenge using the just-in-time (JIT) access capability in Tenable Cloud Security.Just-in-time access: The elegant solution to human identity riskJIT access enables organizations to dramatically reduce their exposure from compromised identities by providing a substitute for permanent access. I...
Source: Tenable Blog
April 30th, 2025 (about 1 month ago)
France ties Russian APT28 hackers to 12 cyberattacks on French orgs
Description: Today, the French foreign ministry blamed the APT28 hacking group linked to Russia's military intelligence service (GRU) for targeting or breaching a dozen French entities over the last four years. [...]
Source: BleepingComputer
April 29th, 2025 (about 1 month ago)
Nova Scotia Power Says Cybersecurity Incident Impacting IT Systems
Description: Nova Scotia Power and its parent company Emera Inc. are actively managing a cybersecurity incident involving unauthorized access to parts of their Canadian IT network. Although some business applications were affected, the companies confirm that critical infrastructure operations remain unaffected. The breach was initially identified by Nova Scotia Power's internal IT team, who immediately activated … The post Nova Scotia Power Says Cybersecurity Incident Impacting IT Systems appeared first on CyberInsider.
Source: CyberInsider
April 29th, 2025 (about 1 month ago)
SK Telecom cyberattack: Free SIM replacements for 25 million customers
Description: South Korean mobile provider SK Telecom has announced free SIM card replacements to its 25 million mobile customers following a recent USIM data breach, but only 6 million cards are available through May. [...]
Source: BleepingComputer
April 29th, 2025 (about 1 month ago)
BreachForums Admins Deny Breach, Warn Against Clones
Description: After several days offline and swirling rumors of arrests and law enforcement action, BreachForums administrators have issued a statement claiming that their forum was not compromised and that no team members have been apprehended. The announcement, cryptographically signed with PGP, offers the first direct communication from the original forum's team since mid-April. According to the … The post BreachForums Admins Deny Breach, Warn Against Clones appeared first on CyberInsider.
Source: CyberInsider
April 29th, 2025 (about 1 month ago)
Marks & Spencer breach linked to Scattered Spider ransomware attack
Description: Ongoing outages at British retail giant Marks & Spencer are caused by a ransomware attack believed to be conducted by a hacking collective known as "Scattered Spider" BleepingComputer has learned from multiple sources. [...]
Source: BleepingComputer
April 28th, 2025 (about 1 month ago)
VeriSource now says February data breach impacts 4 million people
Description: Employee benefits administration firm VeriSource Services is warning that a data breach exposed the personal information of four million people.  [...]
Source: BleepingComputer
April 28th, 2025 (about 1 month ago)
Media firm Urban One confirms data breach after cybercriminals claim February attack
Description: Urban One, the largest media company serving African Americans, disclosed a data breach to regulators. A ransomware group said it had attacked the company.
Source: The Record
April 28th, 2025 (about 1 month ago)
🏴‍☠️ Qilin has just published a new victim : Dermatologists of Birmingham
Description: Our team managed to breach and encrypt Dermatologits of Birmingham's network. Once we have breached the network we have managed to download 141GB from there. What kind of data was taken: - patients data - medical data - employee d ...
Source: Ransomware.live
April 28th, 2025 (about 1 month ago)