Naq Cyber, Vlamingstraat 4, Zoetermeer (2026)

27/01/2022

New York fines EyeMed $600K!

EyeMed reached a $600,000 settlement with the state of New York to resolve a number of allegations against its data security program, revealed during the state’s investigation into the healthcare business associate following a 2020 data breach that impacted 2.1 million individuals.

Eyecare giant Luxottica owns EyeMed, which provides vision benefits for a number of health insurance companies.

“EyeMed betrayed trust by failing to keep an eye on its own security system, which in turn compromised the personal information of millions of individuals,” New York Attorney General Letitia James said in a statement.

In December 2020, EyeMed reported falling victim to an email hack that was first discovered several months earlier in July. An attacker gained access to an employee email account and sent phishing emails to contacts found in the account’s address book on July 1.

Read full article: https://buff.ly/3r54ucs

Need help securing your data? Get in touch!

19/01/2022

IT firm C-Planet fined €65,000 over massive voter data breach

An IT firm responsible for a massive leak of voter data has been fined €65,000 for data breaches.

Data Protection Commissioner Ian Deguara issued the administrative penalty against C-Planet It Solutions Limited which was hired by the Labour Party to manage a cache of private information on some 337,384 Maltese voters.

The information was leaked online in April 2020.

Names, addresses, ID card details, phone numbers and the voting intentions of around two-thirds of the population were exposed.

Read full article: https://buff.ly/3tDx32r

Need help securing your data? Get in touch!

10/01/2022

FinalSite ransomware attack shuts down thousands of school websites

FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide.

FinalSite is a software as a service (SaaS) provider that offers website design, hosting, and content management solutions for K-12 school districts and universities. FinalSite claims to provide solutions for over 8,000 schools and universities across 115 different countries.

A school IT administrator told BleepingComputer that FinalSite did not provide them with a time frame as to when services would be restored and were forced to send emails to parents alerting them of the outage.

In addition to the website outages, a system administrator shared on Reddit that the attack prevented schools from sending closure notifications due to weather or COVID-19.

Read full article: https://buff.ly/3tcsrju

Need help securing your business? Get in touch!

06/01/2022

Portugal Media Giant Impresa Crippled by Ransomware Attack

Media giant Impresa, which owns the largest television station and newspaper in Portugal, was crippled by a ransomware attack just hours into 2022. The suspected ransomware gang behind the attack goes by the name Lapsus$.

The attack included Impresa-owned website Expresso newspaper and television station SIC. Both remain offline Tuesday morning as the media giant continued its recovery from a New Year’s weekend attack. Impacted is the server infrastructure critical to Impresa’s operations. Additionally compromised is one of Impresa’s verified Twitter accounts, which was hijacked and used to taunt the company publicly.

Read full article: https://buff.ly/3ztvAfR

Need help securing your business? Get in touch!

04/01/2022

Cyber-attack on UK’s Defence Academy Forced IT rebuild!

Air Marshal Edward Stringer, who left the armed forces in August, told Sky News the attack, which was discovered in March 2021, meant the Defence Academy was forced to rebuild its network.

The school, based in Shrivenham, Oxfordshire, teaches 28,000 military personnel, diplomats and civil servants a year and moved more online during the pandemic.

In the interview with Sky, the first since he left the military, Stringer said “unusual activity” was first discovered by contractors working for outsourcing company Serco and “alarm bells” started ringing.

He told the outlet there were “external agents on our network who looked like they were there for what looked pretty quickly like nefarious reasons”.

But he disclosed the attack was not successful and while the hackers may have been using the academy as a “backdoor” to other Ministry of Defence (MoD) systems, there were no breaches beyond the school.

The site, which is much like a domain for a university, had to be completely rebuilt, a task which is still ongoing, Sky said.

Read full article: https://buff.ly/3pMpUKL

Need help securing your business? Get in touch!

13/12/2021

Dutch national cyber watchdog holds crisis meeting with cybersecurity experts due to global leak ❗️

275 cyber security professionals met multiple times Sunday at the request of the National Cyber Security Center (NCSC) to discuss what threatens to be a new wave of ransomware attacks. This is the first time the government has convened all major cybersecurity firms digitally to discuss how to handle a security crisis.

The reason is a critical security vulnerability in log4j, a basic component used in all kinds of software that, for example, keeps track of which users have logged on. The potential impact of the vulnerability is enormous, says a spokesperson for the NCSC, but also unknown. 'We will have to wait and see in the coming days how it will play out.'

Read full article: https://buff.ly/3EU879x (Dutch)

Need help securing your business? Get in touch!

03/12/2021

Panasonic Data Breach ❗️

Japanese tech giant Panasonic has confirmed a data breach after hackers gained access to its internal network.

Panasonic said in a press release dated November 26 that its network was “illegally accessed by a third party” on November 11 and that “some data on a file server had been accessed during the intrusion.” However, when reached, Panasonic spokesperson Dannea DeLisser confirmed that the breach began on June 22 and ended on November 3 — and that the unauthorized access was first detected on November 11.

News of this data breach comes less than a year after Panasonic India was hit with a ransomware attack that saw hackers leak 4 gigabytes of data, including financial information and email addresses. It also comes amid a wave of cyberattacks targeting Japanese technology companies. NEC and Mitsubishi Electric both fell victim to hackers last year, and Olympus was recently forced to suspend its European, Middle East and Africa operations after being hit by BlackMatter ransomware.

Read full article: https://buff.ly/3o2XWtm

Need help securing your business? Get in touch!

02/12/2021

Naq Cyber is super excited to have been featured as one of the startups to watch in the Privacy Tech Sifted Pro briefing 🥂

Naq makes SMEs GDPR compliant with one simple and affordable monthly subscription and we can't wait to take the world🌍 by storm!

Read more about Naq Cyber in 's Pro Briefing here: https://buff.ly/3daZ47Z

01/12/2021

MonoX hack: $31 Million Worth Of Crypto Lost ❗️

DeFi platform MonoX has reported the loss of $31 million following a DeFi hack that saw hackers stealing $18.2 million in wrapped ether (WETH) and $10.5 million in polygon (MATIC) as well as other cryptocurrencies.

While no further details of the attack have been revealed, MonoX has expressed their desire to get in contact with the perpetrator of the hack to resolve the issue, perhaps wishing to offer a bounty if the stolen funds are returned.

Several recent hacks have seen hackers exploit vulnerabilities of DeFi platforms such as SushiSwap and Vee Finance. SushiSwap recently had $3 million stolen, while Avalanche-based finance platform Vee Network was exploited for $35 million.

Read full article: https://buff.ly/3Ga91iF

Need help securing your business? Get in touch!

29/11/2021

IKEA hit by a cyber attack that uses stolen internal reply-chain emails!

Threat actors are targeting IKEA employees in an internal phishing campaign leveraging stolen reply-chain emails.

Once compromised the mail servers, threat actors use the access to reply to the company’s internal emails in reply-chain attacks. Sending the messages from the organizations allows the attackers to bypass detection. Threat actors also exploit the access to internal emails to target business partners.

“There is an ongoing cyber-attack that is targeting Inter IKEA mailboxes. Other IKEA organisations, suppliers, and business partners are compromised by the same attack and are further spreading malicious emails to persons in Inter IKEA,” reads the emails sent by IKEA to its employees. “This means that the attack can come via email from someone that you work with, from any external organisation, and as a reply to an already ongoing conversations. It is therefore difficult to detect, for which we ask you to be extra cautious.”

Read full article here: https://buff.ly/3xzlRDL

Need help securing your business? Get in touch!

26/11/2021

It's Black Friday. Watch out for scams!

The FBI warns of cyber criminals targeting online shoppers during the holiday season. In this period netizens hope to take advantage of online bargains and are more active online, for this reason they are more exposed to the risk of scams.

The feds estimated that online shoppers could lose more than $53 million during this year’s holiday season to scams offering bargains and gifts that are hard to find due to merchandise shortages.

“During the 2020 holiday shopping season, the FBI Internet Crime Complaint Center (IC3) received over 17,000 complaints regarding the non-delivery of goods, resulting in losses over $53 million,” reads a public service announcement published by the FBI. “It is anticipated this number could increase during the 2021 holiday season due to rumors of merchandise shortages and the ongoing pandemic.”

Cybercriminals will attempt to entice their victims in multiple ways including:

E-mails advertising hot-ticket or products that are hard to find on the market, such as event tickets or gaming systems.
Untrusted websites and ads promoting unrealistic discounts and bargains.
Post on social media posts, apparently shared by a known friend, offering vouchers, gift cards, freebies, and contests.
Advertisements on social media platforms that promote non-existent or counterfeit items.
Online surveys designed to steal personal information.
Unsuspecting online shoppers could also fall victim of identity theft of phishing attack aimed at stealing their payment card data.

Read full article: https://buff.ly/314kkdd

Need help securing your business? Get in touch!

24/11/2021

GoDaddy data breach: Over a million user accounts exposed ❗️

In a filing with the Securities and Exchange Commission, GoDaddy’s chief information security officer Demetrius Comes said the company detected unauthorized access to its systems where it hosts and manages its customers’ WordPress servers. WordPress is a web-based content management system used by millions to set up blogs or websites. GoDaddy lets customers host their own WordPress installs on their servers.

GoDaddy said the unauthorized person used a compromised password to get access to GoDaddy’s systems around September 6. GoDaddy said it discovered the breach last week on November 17. It’s not clear if the compromised password was protected with two-factor authentication.

The filing said that the breach affects 1.2 million active and inactive managed WordPress users, who had their email addresses and customer numbers exposed. GoDaddy said this exposure could put users at greater risk of phishing attacks. The web host also said that the original WordPress admin password created when WordPress was first installed, which could be used to access a customer’s WordPress server, was also exposed.

Read full article: https://buff.ly/3FO2Y33

Need help securing your business? Get in touch!

Naq Cyber

27/01/2022

19/01/2022

10/01/2022

06/01/2022

04/01/2022

13/12/2021

03/12/2021

02/12/2021

01/12/2021

29/11/2021

26/11/2021

24/11/2021

Adres

Website

Meldingen

Snelkoppelingen

Delen

Type