Security Bulletin

Texas-based McMurry University had data from almost 18,000 individuals compromised as a result of a June data breach, Cybernews reports.

Tennessee-based substance abuse treatment service provider American Addiction Centers had information from 422,424 individuals exfiltrated during a breach of its internal servers in September, which was initially disclosed to have affected 410,747...

Transit services at the Pittsburgh Regional Transit have resumed following a brief interruption last Thursday amid a ransomware intrusion, reports The Record, a news site by cybersecurity firm Recorded Future.

Hackread reports that more than 30,000 internet-exposed instances of widely used cloud-based API development and testing platform Postman Workspace had API keys, tokens, and admin credentials exposed as a result of access control misconfiguration...

Japan Airlines, the country's flag carrier, had over 20 domestic flights and some international trips delayed following a cyberattack, which also impacted ticket purchases and luggage services, Kyodo News reports.

Nearly 50,000 Ruijie cloud-connected devices could be hijacked in attacks exploiting 10 security vulnerabilities in its Reyee cloud platform, all of which have already been patched, reports The Hacker News.

U.S. and Japanese officials have attributed the massive $308 million cryptocurrency heist against Japanese cryptocurrency exchange DMM Bitcoin in May to North Korean threat operation TraderTraitor, which is believed to be a subgroup of the Lazarus...

While companies have responded to the new SEC rules by disclosing incidents promptly, many of the reports don't meet the SEC's "material" standard.

From zero-day exploits to 5G network vulnerabilities, these are the threats that are expected to persist over the next 12 months.

It often takes more than three weeks to recover from a cyberattack – here’s how to speed the process up.

As organizations on the continent expand their use of digital technologies, they increasingly face many of the same threats that entities in other regions have had to deal with for years.

By default, DShield Honeypots [1] collect firewall, web and cowrie (telnet/ssh) [2] data and log them on the local filesystem. A subset of this data is reported to the SANS Internet Storm Center (ISC) where it can be used by anyone [3]. A common...