Security news aggregator

Latest coverage for Compromise

Stay updated on the latest compromise incidents in infosec. Discover how breaches occur and learn strategies to protect your data and networks.

7 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Compromise in information security means unauthorized access or control over a system, network, or data, often resulting from exploiting vulnerabilities like software bugs, weak credentials, or misconfigurations. It indicates that an attacker has bypassed security measures to read, modify, or disrupt resources without permission.

Such compromises pose risks including data theft, unauthorized system manipulation, and persistent attacker presence. Detecting and containing compromises requires monitoring for unusual activity, applying timely patches, and enforcing strong access controls to limit attacker movement and reduce the impact of exploited weaknesses.

Showing 7 most recent headlines Filtered view

Domain Controllers Commandeered to Distribute Malware, Warns MicrosoftRansomware hackers are hitting up Active Directory domain controllers to boost privileges within compromised networks, warns Microsoft. Nearly eight out of every 10 human-operated cyberattacks involves a breached domain controller. Securing the servers is a challenge.

Lawsuit claims sick cyber-voyeurism went undetected for years, using hundreds of PCs, due to lax infosec A now-former pharmacist at the University of Maryland Medical Center (UMMC) has been accused of compromising the US healthcare organization's IT systems to ogle female clinicians using webcams at their workplace and at their homes.…

Bank Info Security 1 year, 3 months ago

Top Australian Pension Funds Breached in Coordinated Hacks

Hackers Use Credential Stuffing to Steal AU$500,000, Breach 20,000 Member AccountsAustralia's largest pension funds faced coordinated credential attacks last week that compromised thousands of user accounts and led to the theft of at least AU$500,000 from four superannuation accounts. The affected funds included AustralianSuper, Rest and Australian Retirement Trust.

A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims' digital wallets