Pakistani Entities Targeted in Sophisticated Attack Deploying ShadowPad Malware
An unidentified threat actor compromised an application used by multiple entities in Pakistan to deliver ShadowPad, a successor to the PlugX backdoor that’s commonly associated with Chinese hacking crews.
Targets included a Pakistan government entity, a public sector bank, and a telecommunications provider, according to Trend Micro. The infections took place between mid-February 2022 and Read More
The Hacker News | #1 Trusted Cybersecurity News Site
Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately
Citrix warned admins today to secure all NetScaler ADC and Gateway appliances immediately against ongoing attacks exploiting the CVE-2023-4966 vulnerability. […] Read More
Windows 11 22H2 adds a built-in passkey manager for Windows Hello
Today’s Windows 11 update includes several security improvements, including a new passkeys management dashboard designed to help users go passwordless more easily and tools to reduce the attack surface. […] Read More
Prudential Financial Data Breach: 36,000 Users’ Data Stolen
[[{“value”:”
Prudential Financial, a stalwart in the financial services sector headquartered at 751 Broad Street, Newark, New Jersey, has reported a severe security incident.
The breach, which was discovered on February 5, 2024, occurred just a day before. It involved sophisticated social engineering tactics that led to unauthorized access to the company’s external systems.
The Scale of the Incident
The breach has affected 36,545 individuals, including 201 residents of Maine. Despite the number of affected Maine residents not exceeding 1,000, the incident raises significant concerns about the security measures to protect sensitive customer data.
The compromised information includes names in conjunction with driver’s license or non-driver identification card numbers, which can be used for identity theft and other fraudulent activities.
Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Try Trustifi Free Threat Scan with Sophisticated AI-Powered Email Protection .
The USA Attorney General’s office has released a notification regarding the recent Prudential Financial data breach, which resulted in the theft of data belonging to around 36,000 users.
The report was submitted by H Jacqueline Brehmer, an associate at Debevoise & Plimpton LLP who serves as outside counsel for Prudential.
The legal firm has been actively managing the breach’s aftermath, ensuring compliance with regulatory requirements and mitigating any potential legal fallout.
Immediate Response and Consumer Protection
Prudential Financial has not yet notified consumer reporting agencies, as the number of affected individuals in Maine does not trigger the threshold that mandates such action.
However, the company is expected to take comprehensive steps to address the breach, including notifying all affected individuals and offering credit monitoring services to mitigate the risk of identity theft.
The Growing Threat of Social Engineering
The breach at Prudential highlights the increasing threat of social engineering attacks in the financial industry.
Cybercriminals employ more sophisticated methods to manipulate individuals into divulging confidential information, bypassing traditional security measures.
In the wake of this incident, Prudential Financial is expected to review and enhance its cybersecurity protocols to prevent future breaches.
The financial services industry must prioritize investment in advanced security infrastructure and employee training to combat the evolving threat landscape.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.