Security news aggregator

Latest coverage for Incident

Incident coverage examines breaches, outages, and response failures to explain how security events affect systems, data, and organizations.

12 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

An incident is a suspected or confirmed event that threatens the confidentiality, integrity, or availability of information or systems, or violates a security policy. Examples include unauthorized access, malware execution, exposed credentials, data loss, and disruptive attacks. Not every alert is an incident: triage determines whether an event is credible, its scope, and the assets or data involved.

Incident handling requires timely detection, analysis, containment, eradication, and recovery. Practitioners must preserve relevant evidence, identify affected accounts and systems, assess whether data was accessed or altered, and prevent recurrence. Clear escalation and documentation support privacy or regulatory notifications when applicable. Findings should feed security improvements such as closing exploited vulnerabilities, strengthening access controls, and updating detection and response procedures.

Showing 12 most recent headlines Filtered view
Bank Info Security 2 years, 3 months ago

Filipino Hacktivists Destroy Technology Agency Servers

Attackers Dismantle Department's Server Infrastructure, Delete Up to 25TB of DataA Filipino hacktivist group broke into servers owned and operated by the government's Department of Science and Technology and stole up to 25 terabytes of confidential data and backups. The hacking incident followed a series of successful cyberattacks against government agencies.

Also makes components for chips, displays, and hard disks, and has spent four days groping for a fix If ever there was an incident that brings the need for good infosec into sharp focus, this is the one: Japan's Hoya – a maker of eyeglass and contact lenses, plus kit used to make semiconductor manufacturing, flat panel displays, and hard disk drives – has halted some production and sales activity after experiencing an attack on its IT systems.…

Bank Info Security 2 years, 3 months ago

Breach Roundup: Omni Hotels Acknowledges Cyber Incident

Also: Insurer Predicts Ransomware for Cars, Offers to Cover Towing CostsThis week, Omni, OWASP and MarineMax suffered cyber incidents, Ivanti disclosed flaws, Cisco gave tips to stop password-spraying attacks, a court upheld an FCC ban, India rescued citizens in Cambodia, Americans lost $1.1 billion to impersonation scams, and an insurer introduced a cyber auto policy.

INC Ransom emerges as a growing threat as some ex-LockBit/ALPHV affiliates get new gigs Leicester City Council is finally admitting its "cyber incident" was carried out by a ransomware gang and that data was stolen, hours after the criminals forced its hand.…

Bank Info Security 2 years, 3 months ago

Remote Desktop Protocol: An Active Adversary Special Report

What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground when it goes wrong? An Active Adversary Special ReportRemote Desktop Protocol (RDP) is commonly abused by ransomware groups. Here are methods on how we can provide context and advice for administrators and responders looking to deal with RDP.

Bank Info Security 2 years, 3 months ago

US State Department Investigating Hacking Claims

Notorious Hacker Alleges They Stole Data From National Security ContractorThe U.S. Department of State confirmed it’s investigating claims of a cyber incident after a notorious hacker known as IntelBroker posted on a publicly accessible hacking forum that they had leaked data belonging to the federal government and its allies.

CISA calls for 'fundamental, security-focused reforms' to happen ASAP, delaying work on other software A review of the June 2023 attack on Microsoft's Exchange Online hosted email service – which saw accounts used by senior US officials compromised by a China-linked group called "Storm-0558" – has found that the incident would have been preventable save for Microsoft's lax infosec culture and sub-par cloud security precautions.…

CISA calls for 'fundamental, security-focused reforms' to happen ASAP, delaying work on other software A review of the June 2023 attack on Microsoft's Exchange Online hosted email service – which saw accounts used by senior US officials compromised by a China-linked group called "Storm-0558" – has found that the incident would have been preventable save for Microsoft's lax infosec culture and sub-par cloud security precautions.…