From financial losses to legal issues to a damaged reputation, the consequences of a data breach can severely impair organizations. Therefore, having robust data breach incident response and investigation procedures is critical for organizations to mitigate the impact of such incidents. In this article, we review what a data breach is and how it can influence your organization as well as provide eight simple steps to efficiently respond to and investigate data breaches.

In April of 2024, the FBI released a warning that threat actors are sending SMS phishing, also known as smishing, messages to individuals pretending to be toll road operators messaging about unpaid toll fees. This kind of attack is a common one, and targets more than just individuals –— think the MGM resorts breach of 2023 that started with a phishing call to an IT professional and ended up costing the casino millions.

From Uber in 2016 to Okta in 2023 to Sisense in 2024, it’s evident that there’s a pattern behind the tech industry’s most devastating breaches: Data sprawl. Let’s dive into how data sprawl played a part in last week’s Sisense breach, as well as how security teams can be proactive in defending against similar attacks.

In the ever-evolving landscape of cybersecurity threats, the recent breach by the notorious hacker group R00TK1T serves as a stark reminder of the vulnerabilities faced by even the most established organizations. As the Foresight Threat Team delves into the details of this alarming incident, it becomes imperative to shed light on the implications and lessons to be learned from this breach.

Analysis of cyber attacks targeting U.K. organizations highlights the effectiveness of social engineering attacks and the fact that businesses are missing the mark on how to stop it. The U.K. Government just released their Cyber Security Breaches Survey 2024 where they asked U.K. businesses and charities about their experiences with cyber attacks and breaches, their preparedness plans, response plans and the impacts of the attacks. According to the survey results, half (50%) of all U.K.

A hacker known as "IntelBroker" has purportedly breached Space-Eyes, a geospatial intelligence firm, potentially exposing sensitive US national security data. Authorities are currently investigating the claim, recognizing the potential ramifications it could have on critical government operations.

After attackers accessed around 591,000 customer accounts this year, Roku is making 2FA mandatory. Over two separate incidents, the first affecting 15,363 accounts and the second affecting roughly 576,000. In these cases, the attackers used the accounts to purchase streaming subscriptions and hardware stored in users accounts, the company has confirmed.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently announced that they are investigating a major breach at Sisense, a business intelligence company.

Every day, more people get online - most do it for leisure, but organizations are increasingly moving into the digital environment. The increasing number of these new end-point users makes it clear that the cyber world must evolve. No longer can experts argue for unique platform passwords when password fatigue is prominent, nor can cybersecurity defenders protect all the various attack junctures across multiple platforms and tools.