Security for information technology (IT) refers to the methods, tools and personnel used to defend an organization’s digital assets.
Security for information technology (IT) refers to the methods, tools and personnel used to defend an organization’s digital assets.
Cisco Secure Access – DNS Defense is a seamless pathway to our Universal ZTNA solution. Learn how it works in the blog.
Most breaches are caused by everyday human mistakes. The 90-5-5 Concept is a framework that addresses this by shifting the conversation to proactive design.
In October 2024, French ISP “Free” suffered a data breach which was subsequently posted for sale and later, leaked publicly. The data included 14M unique email addresses along with names, physical addresses, phone numbers, genders, dates of birth and for many records, IBAN bank account numbers. Free advised that the numbers were “not enough to make a direct debit from a bank”.
In May 2025, a coalition of law enforcement agencies took down the criminal infrastructure behind the malware used to launch ransomware attacks in a new phase of “Operation Endgame”. This followed the first Operation Endgame exercise a year earlier, with the latest action resulting in 15.3M victim email addresses being provided to HIBP by law enforcement. A further 43.8M victim passwords were also provided for HIBP’s Pwned Passwords service.
In June 2023, the Fédération Francaise de Rugby (French Rugby Federation) suffered a data breach and attempted ransom. The breach exposed 282k unique email addresses along with names, dates of birth and phone numbers. The Federation subsequently published a disclosure notice and stated that the attack primarily affected email servers. The data was provided to HIBP by a source who requested it be attributed to “atix”.
Last week, we released version 2.4.150: https://blog.securityonion.net/2025/05/security-onion-24150-celebrating.html This week, an upstream package update caused an issue with one of our […]
The MoJ (Ministry of Justice) has disclosed that the LAA (Legal Aid Agency) suffered a data breach last month, in which criminals accessed data relating to hundreds of thousands of people, dating back to 2010. Exfiltrated data may have included “contact details and addresses of applicants, their dates of birth, national ID numbers, criminal history, employment status and financial data such as contribution amounts, debts and payments”. According to the BBC, more than 2 million pieces of information were taken, including data relating to “domestic abuse victims, those in family cases and others facing criminal prosecution”. It’s not known whether
The post Lessons Learned from the Legal Aid Agency Data Breach appeared first on IT Governance Blog.
Thanks to Brad Duncan for sharing this pcap from 2025-03-26 on his malware traffic analysis site! Due to issues with […]
We’ve been offering our Security Onion documentation in book form on Amazon for a few years and it’s now been […]