Salesforce attack exposed Google Ads customer data


Google has revealed more details about an attack on one of its corporate Salesforce instances. The company now says that the attack exposed user data of Google Ads customers.
The security issue was spotted by Google Threat Intelligence Group (GTIG) back in June. Activity by UNC6040 – described as a financially motivated threat cluster that specializes in voice phishing (vishing) – hit Salesforce and subsequent investigations have revealed the extent and impact of the attacks.
New ‘hardened runtime’ standard aims to make organizations more secure


Traditional runtime security solutions have tended to focus on detection and as a result generate thousands of low-fidelity alerts. Edera is launching what it says is a new software security category aimed at ending the era of 'move fast and break things'.
Edera's ‘hardened runtime’ provides production-grade sandboxing that assumes a breach before it occurs. This architectural approach eliminates the root causes of privilege escalation, lateral movement, and data exfiltration while dramatically reducing operational overhead for security teams.
Analysis of breached passwords shows almost all are weak


New research from Specops has analyzed 10 million random passwords from the billion+ breached password list used by Specops Password Auditor and finds that a startling 98.5 percent are weak.
The research defines a ‘strong’ password as having at least 15 characters in length and at least two different character classes. A long password of 15 identical-class characters (for example all lowercase) is easier to crack than one that mixes in digits or symbols.
Preventing cybersecurity stagnation through breach containment


There’s a famous quote by Einstein which reads: “Insanity is doing the same thing over and over again and expecting different results.”
In cybersecurity, this saying has never been more fitting. We’ve seen years of increased investment, a figure Gartner estimates will reach $212 billion this year, yet the cost of breaches continues to rise, reaching $4.8 million in 2024. That’s 10 percent higher than 2023, according to IBM.
Number of compromised credentials up by 33 percent


The latest Global Threat Intelligence Report (GTIR) from Flashpoint finds that threat actors compromised over 3.2 billion credentials in 2024, a 33 percent increase from the year before.
Of these 75 percent or 2.1 billion, were sourced from information stealing malware, a dangerous new twist on an older threat that has infected over 23 million devices worldwide.
Nearly half of organizations suffer third-party security incidents


New research finds that 47 percent of organizations have experienced a data breach or cyberattack over the past 12 months that involved a third-party accessing their network.
The study, carried out by the Ponemon Institute for Imprivata, also shows 64 percent of respondents believe these types of third-party data breaches will either increase or remain at alarmingly high levels over the next 12-24 months.
Data breaches are top privacy concern for consumers


Fears of a data breach dominate consumer concerns, with 64 percent naming breaches as their top privacy worry.
A new report, based on responses from almost 2,500 people around the world, released by Acronis to mark this year's Data Privacy Day, shows that in spite of heightened awareness 25 percent of respondents have experienced data theft or loss and 12 percent remain unsure if they've been breached, underlining the hidden nature of many cyberattacks.
97 percent of banks hit by third-party data breaches


New analysis released by SecurityScorecard reveals that 97 percent of the top 100 US banks have experienced a third-party data breach in the past year.
As banks increasingly rely on third-party vendors for core functions, their exposure to supply chain vulnerabilities increases. Using the largest proprietary risk and threat intelligence dataset, SecurityScorecard's experts analyzed how third-party breaches impact the banking sector.
More than half of organizations think their cloud security is inadequate


A new survey, from infrastructure management provider Pulumi, reveals that 58 percent of organizations feel their cloud security is inadequate, underscoring the critical need for enhanced security measures in cloud environments.
This echoes research from other sources which show a 75 percent increase in cloud intrusions from 2022 to 2023, and 44 percent of organizations having faced a cloud data breach -- 14 percent reporting one in the past year.
Businesses taking longer to recover from cyber incidents


In 2024, businesses have reported taking an average of 7.3 months to recover from cybersecurity breaches -- 25 percent longer than expected and over a month past the anticipated timeline of 5.9 months.
This is among the findings of the latest Global Security Research Report from Fastly which also shows that recovery times are even worse for companies that planned on cutting back cybersecurity spending. They faced an average of 68 incidents each -- 70 percent above the average -- and their recovery times stretched to 10.9 months.
The problem with third-party breaches: A data protection dilemma


Time and time again, organizations face an escalating threat to their data: Third-party breaches. As businesses increasingly rely on external vendors and partners for various services, the security of sensitive information becomes more vulnerable. This poses the question: Are traditional security measures still effective or obsolete in protecting vital information?
There has been a notable increase in third-party breaches, with headlines featuring Snowflake, Santander and Ticketmaster as recent victims. These incidents highlight that vulnerabilities are inherent in our systems, making no organization immune to such attacks.
Companies aren't 'owning' their data


With a rapidly developing threat landscape, an increase in high-profile data breaches, the introduction of new legislation, and customer tolerance for poor data handling at an all-time low, the stakes are high for companies to have robust cybersecurity in place. However, despite their best efforts, companies are often found to not be doing enough to protect their assets.
Often, this is due to a case of ‘too much, too fast’. As businesses invest in new technologies, their day-to-day operations are being supported by ever more complex and fragmented technology platforms. At the same time, the amount of customer data available to them is growing and constantly streaming in, and bad actors are consistently launching more sophisticated attacks. Meanwhile, leaders are not fully aware of or own responsibility for their cybersecurity plans. As the digital world evolves with new threats and regulations, business leaders must recognize the importance of data protection. If they do not, they cannot adequately protect their customer's data and are in danger of losing their trust and even their continued existence in business.
The $13 billion problem: Tackling the growing sophistication of account takeovers


Fraudsters have used account takeovers (ATOs) to victimize 29 percent of internet users, resulting in $13 billion in losses in 2023. Over three-quarters of security leaders listed ATOs as one of the most concerning cyber threats, and the danger grows as bad actors leverage AI to launch more potent attacks.
The Snowflake breach demonstrates the devastating consequences of ATOs. Attackers gained access to 165 of the data platform’s customers’ systems, including AT&T and Ticketmaster, and exfiltrated hundreds of millions of records containing sensitive data. The attack wasn’t some brilliant hacking scheme -- the bad actors simply used legitimate credentials to log into the platform.
Druva launches natural language tool to help cybersecurity investigations


When investigating an incident to contain and remediate a threat, security teams need to understand complex attack patterns, such as malware gestation, score, and sprawl -- the answers to which all lie in the data and systems.
To help with this process Druva is releasing Dru Investigate, a GenAI-powered tool that guides data security investigations using a natural language interface.
Why is the world witnessing a surge in data breaches?


While the world of cybersecurity has always been fairly unpredictable, what’s certain is that data breaches are on the rise. But what’s driving this trend, how long will it continue, and what can organizations do about it?
According to the 2023 Annual Data Breach Report by the Identity Theft Resource Center (ITRC), a non-profit organization, data compromises have leapt up in the past two years. From the previous record of 1,860 in 2021 they dropped slightly to 1,801 in 2022 but rebounded to reach a new high of 3,205 last year. That’s an increase of 72 percent over just two years.
Recent Headlines
Most Commented Stories
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.
Regional iGaming Content
© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.