IT infrastructure and security systems built in the cloud are great until one of them shuts down your company. Cybersecurity firm CrowdStrike's marketing material says an average cybercriminal can exfiltrate data within 62 minutes of breaking in. However, it only took the company's cybersecurity suite about three...Read more...
End-of-life hardware can be quite the problem at times, even crashing back into Earth’s atmosphere at supersonic speeds for that matter. Of course, we wouldn’t expect such travesties happening with the hardware you keep in your basement, or that NAS you tucked away your closet. However, older tech gear can have...Read more...
Over the past year, as tensions have intensified with China over the South China Sea and Taiwan, the United States has begun to focus on Chinese Communist Party (CCP) influenced businesses and organizations operating or providing services in the US. Perhaps the most prevalent example of this is TikTok, and the concern...Read more...
In recent days and weeks, Call of Duty has seen an uptick in population since the online servers were fixed up, allowing players to return to their old haunts and have some fun. However, with this uptick in activity, cheaters and hackers are looking to ruin the fun and nostalgia for CoD players. As it turns out, they...Read more...
With all the excitement around ChatGPT, it is no wonder that threat actors are taking advantage of the situation. Besides having those with malicious intentions steal your Facebook account, they might also be stealing your ChatGPT account credentials as well, following the discovery of over 100,000 compromised ChatGPT...Read more...
Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) published a joint cybersecurity advisory warning network defenders about phishing attacks that leverage remote monitoring and management...Read more...
In a collective "I told you so" moment, security experts were proven right as California's newly-minted digital license plates have been hacked by a group of security/vulnerability researchers. The team was able to track the plate by GPS or even change the vehicle status to "Stolen." Even as the state legalized the...Read more...
If you have a Chick-fil-A account and notice suspicious activity or unapproved purchases, take action now, because with the fast food chain has been hacked, affecting an unknown number of user accounts.
As early as the beginning of January, there have been Reddit posts stating that their Chick-fil-A accounts have...Read more...
Gemini, the cryptocurrency exchange founded by the Winklevoss twins, published a blog post this week warning about phishing campaigns targeting its customers. These phishing campaigns are likely related to a previously undisclosed data breach that exposed the email addresses of the exchange’s 5.7 million customers...Read more...
Last week, Google began pushing out an update to its Chrome browser that fixes a critical security vulnerability in the browser’s JavaScript engine. Google noted in its blog post about the update that an exploit for this vulnerability is out in the wild. Then, on Monday, the Cybersecurity and Infrastructure Security...Read more...
Researchers at the cybersecurity firm Zimperium have discovered a botnet made up of web browsers infected by malware. The malware in question is known as Cloud9 and takes the form of browser extensions. When installed, these browser extensions take control of infected browsers to steal valuable information and perform...Read more...
Researchers at the cybersecurity firm Trellix have been keeping tabs on a sophisticated phishing campaign, known as BazarCall, since it first drew attention in 2020. This campaign evolved over time, pioneering a social engineering technique called "callback phishing" that is now employed by many different threat...Read more...
Last year, Cloudflare, a company that provides DDoS mitigation, content delivery network (CDN) services, and many others, published a blog post declaring its intention to kill CAPTCHAs. Now about a year and a half later, the company is introducing an alternative to standard CAPTCHAs that should be much faster and...Read more...
Threat intelligence firm Recorded Future has published a report concerning a long-term credential theft campaign targeting humanitarian, think tank, and government organizations. A hacking group known as RedAlpha is carrying out this ongoing campaign, and is known to have been active as far back as 2015. However, it...Read more...
Cloudflare says that it was hit by the same smishing (sms phishing) attack that recently resulted in a user data breach at Twilio. However, unlike Twilio, Cloudflare managed to prevent the attack from escalating to a data breach thanks to its strong security measures. While the attackers managed to steal login...Read more...
Last year, a hacker who goes by the name “pompompurin” managed to breach a Federal Bureau of Investigation (FBI) web portal and send out thousands of hoax emails from an official FBI email address. Just a couple weeks prior, pompompurin gained unauthorized access to the internal network of the stock trading app...Read more...
Shortly after hitting Parker Hannifin Corporation, a major component supplier for Boeing and Lockheed Martin, the Conti ransomware group abandoned the Conti name and split off into smaller groups that coordinate with the larger group’s leadership. This move came after Conti targeted the government of Costa Rica with...Read more...
Google has begun rolling out another update to its Chrome browser on all the major desktop platforms (Windows, Linux, and Mac) and there are at least 32 reasons why you should apply it sooner rather than later. That's the number of security fixes the latest update includes. If you're looking for just one very good...Read more...
Earlier this month, Clearview AI reached a settlement agreement with the American Civil Liberties Union (ACLU) over the company’s usage of Illinois citizens' biometric data without their consent. Clearview AI sells its recently patented facial recognition technology to both private companies and government agencies...Read more...
In what seems to be the year of security breaches and threat actors thieving or or holding data for ransom, defenders, or blue teamers, cannot seem to catch a break. However, just after announcing that it had hit a major component supplier for Boeing and Lockheed Martin, it appears that the Conti ransomware gang as we...Read more...
The beginning of the year saw a flurry of stories about security breaches as the cybercriminal gang known as LAPSUS$ stole data from an alarming number of big name companies in a short period of time. However, while LAPSUS$ is no longer in operation, after the London police arrested all seven members of the group...Read more...
When Coca-Cola started its “Share A Coke” campaign in the early 2010s, it was certainly not thinking of this. A ransomware group dubbed “Stormous” has reportedly stolen 161GB of data from Coca-Cola. The data is currently for sale on the dark web, although Coca-Cola has not confirmed the breach.
The data includes...Read more...