Security news, breach analysis, and technical insights on encryption and data protection from the CIFER team.
Critical security incident as threat actor offers root SSH access to a US tax service portal containing 15+ years of sensitive client data including SSNs and tax documents.
Threat actor claims massive telehealth breach exposing 1.6M+ U.S. patient records including PHI, biometric data, and prescription information.
INTERLOCK ransomware group lists Apex Spine and Neurosurgery (US) and Aero Fabrications Limited (UK) as latest victims, with nearly 19,000 files stolen across both organizations.
NordVPN refutes claims of internal server breach after threat actor posts alleged Salesforce data dump. The incident highlights third-party vendor risks even when core systems remain secure.
Threat actor compiles 52.5M French records from government agencies, telecoms, and retailers into dark web index. ANTS, CAF, Hellowork, and SFR data exposed.
Hardware wallet maker Ledger suffers data breach through payment processor Global-e, exposing customer names and contact information. A reminder that third-party vendors extend your attack surface.
Threat actors are selling read-only access to Kraken cryptocurrency exchange admin panel, exposing user profiles, transaction history, and enabling social engineering attacks.
Critical security incidents from Dec 24 to Jan 2: Kraken exchange panel access, 20M Experian records, 160M French phone numbers, Solana private keys, and 30+ breaches across global organizations.
ESA confirms a cybersecurity incident after hackers claim to have stolen 200GB of data including source code, API tokens, and hardcoded credentials from space agency systems.
95% of exposed MongoDB servers remain vulnerable to MongoBleed, allowing attackers to dump passwords, tokens, and credentials without authentication.
A new tracking tool exploits messaging protocol delivery receipts to monitor 3 billion users' activity patterns, location, and sleep schedules—without detection.
Understanding the quantum computing threat to current encryption and how post-quantum algorithms will protect your data in the future.
Learn how zero-key encryption eliminates key management complexity while providing stronger security guarantees through hardware-enforced isolation.
A deep dive into how Trusted Execution Environments (TEEs) provide hardware-level isolation for sensitive computations and cryptographic operations.
