Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: New insights into the Gravy Analytics data breach reveal the vast extent of the company’s location-tracking operations and the potential for user de-anonymization. The leaked data, part of a 10 TB dataset, exposes the granular details of individuals’ movements and raises fresh concerns about the security and ethics of location data collection. Looking into the …
The post Leaked Gravy Analytics Data Expose Scale of Location Tracking appeared first on CyberInsider.
January 13th, 2025 (3 months ago)
|
|
|
Description: Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. [...]
January 13th, 2025 (3 months ago)
|
|
|
Description: The Hellcat ransomware group has stolen roughly 5,000 documents, potentially containing confidential information, from the telecom giant's internal database.
January 13th, 2025 (3 months ago)
|
|
|
Description: Six months after a ransomware attack disrupted operations at OneBlood, the not-for-profit blood center has notified affected individuals that their personal data was stolen during the incident. The breach, which occurred between July 14 and July 29, 2024, involved unauthorized access to sensitive information, including names and Social Security numbers. OneBlood, serving critical blood supply …
The post OneBlood Confirms Data Breach Following Ransomware Attack appeared first on CyberInsider.
January 13th, 2025 (3 months ago)
|
|
|
Description: Scholastic, the global educational and publishing giant known for producing popular book series like Harry Potter and Goosebumps, has suffered a significant data breach. The breach exposed sensitive information belonging to over 8 million individuals, with 4.2 million unique email addresses identified. The validity of the leaked data was confirmed by the security incident alerting …
The post Scholastic Data Breach Exposes Info of Over 4 Million Bookworms appeared first on CyberInsider.
January 13th, 2025 (3 months ago)
|
|
|
Description: In January 2025, a data breach of the publishing company Scholastic surfaced. The breach contained 4.2M unique email addresses with many of the records also including name, phone number and physical address.
January 13th, 2025 (3 months ago)
|
|
|
Description: In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, transactions, latitudes and longitudes, dates of birth and bcrypt password hashes.
January 12th, 2025 (3 months ago)
|
CVE-2024-7886 |
Description: A vulnerability has been found in Scooter Software Beyond Compare up to 3.3.5.15075 and classified as critical. Affected by this vulnerability is an unknown functionality in the library 7zxa.dll. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The real existence of this vulnerability is still doubted at the moment. The vendor explains that a system must be breached before exploiting this issue. They are not planning on making any changes to address it. In Scooter Software Beyond Compare bis 3.3.5.15075 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion in der Bibliothek 7zxa.dll. Mittels dem Manipulieren mit unbekannten Daten kann eine uncontrolled search path-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Zur Zeit ist nicht genau klar, ob diese Schwachstelle in der besagten Form wirklich existiert.
CVSS: HIGH (8.5) EPSS Score: 0.05%
January 11th, 2025 (3 months ago)
|
|
|
Description: Spanish telecommunications company Telefónica confirms its internal ticketing system was breached after stolen data was leaked on a hacking forum. [...]
January 10th, 2025 (3 months ago)
|
|
|
Description: Chinese hackers, part of the state-backed Silk Typhoon threat group, have reportedly breached the Committee on Foreign Investment in the United States (CFIUS), which reviews foreign investments to determine national security risks. [...]
January 10th, 2025 (3 months ago)
|