September 20, 2021
A man in California stole more than 620,000 personal photos and videos by perpetrating a scam using social engineering tactics.
September 17, 2021
Bleeping Computer reported on Sunday that Ford Motor Company exposed customer and employee data accidentally through a bug on their internal systems.
September 16, 2021
InfoSecurity Magazine reported this week that security researchers found an unsecured Amazon S3 bucket containing a database with millions of senior citizens' personal information exposed online.
September 15, 2021
One of the largest ever cryptocurrency thefts occurred recently. Hackers got away with more than $611 million stolen from blockchain-based financial network Poly Network.
September 14, 2021
Recently, Apple has been in the news concerning their announcement that they would soon be scanning all iCloud content looking for images that indicate child abuse.
September 13, 2021
By now, most people have heard of business email compromise (BEC scams). They have been around for a long time, but attackers are getting serious about honing their craft because this type of heist is one of the most lucrative around.
September 10, 2021
Bleeping Computer disclosed that on Wednesday, the Boston Public Library was hit by a widespread cyberattack that crippled its entire network.
September 10, 2021
In a bold effort to thwart illegal online practices, the Australian government passed a new law giving federal authorities expansive powers to take over personal accounts, interrupt services and intercept network activity.
August 27, 2021
With hacker intrusions on the rise, Facebook has doubled down on security and added end-to-end encryption to its Messenger app for video and audio calls.
August 26, 2021
According to a leaked internal memo, Amazon is considering monitoring keystrokes for all its customer service representatives.
August 23, 2021
Unfortunately, Android is in the news again, this time because of more than 10,000 victims caught in a "FlyTrap" of hacker mischief.
August 20, 2021
Accenture, a global information technology consulting firm, suffered a major ransomware attack this week. The LockBit ransomware gang took responsibility for the attack.
August 19, 2021
ZDNet reported this week that malware developers are turning to obscure or "exotic" programming languages to "hamper analysis efforts," and evade detection.
August 18, 2021
Many data breaches have occurred over the past few years, and as a result, there is a treasure trove of stolen personal information out there belonging to innocent victims.
August 17, 2021
This week Bleeping Computer, Data Breach Today and other news outlets reported that Kaseya's REvil universal decryption key showed up on the dark web.
August 16, 2021
Apple is very vocal about its commitment to users' privacy and security while using their devices, so the news that Apple will begin scanning all devices for child abuse content raises concerns over user privacy protection.
August 13, 2021
Thursday, the NSA posted a public announcement warning cybersecurity teams and end-users of the dangers of using free Wi-Fi.
August 12, 2021
Zoom is one of the most popular video conferencing platforms on the planet. During the pandemic, Zoom became the go-go solution for schools, students, teams and families to stay connected.
August 12, 2021
Mobile game developer Zynga suffered a data breach in 2019 that exposed users' names, email addresses, passwords, phone numbers, and other personal data.
August 10, 2021
The weakest link of any company is an untrained employee unaware of the dangers of ignoring cybersecurity best practices. This is the case with UC San Diego Health that suffered a data breach that lasted four months, exposing medical information for employees, patients, and students.
August 09, 2021
SolarWinds is the problem that just won't go away. Barely a week goes by without another announcement of further chaos and destruction caused by the SolarWinds attack.
August 06, 2021
Software vendor Kaseya recently suffered a massive ransomware strike, but they just got their hands on a universal decryption tool to help their customers.
August 05, 2021
Threat researchers acknowledge the dire threat of ransomware and have put together a survival kit for businesses hit with this type of attack.
August 04, 2021
The Verge reported today that the popular private/secure browser DuckDuckGo announced they would be launching a new email service to remove ad trackers.
August 03, 2021
Russian-based company DDoS-Guard service was apparently breached, and its company and customer data are for sale online on the dark web.
August 02, 2021
Monday, President Biden formally accused China of waging a cybersecurity war on the U.S. using Microsoft Exchange servers. What Happened?
July 30, 2021
Monday, Apple rolled out a zero-day vulnerability patch on iOS, iPad, and macOS operating system devices.
Security Issue
July 29, 2021
ZDnet and Threatpost reported this week that a $49 piece of malware named "XLoader" is for sale on the dark web, and it works on Mac machines as well as Windows.
July 28, 2021
While the federal government boosts funding for cybersecurity programs and enacts new laws to protect individuals and businesses against cyberattacks, some states are pushing through their own laws to secure things.
July 27, 2021
On July 14, Sonicwall, a networking equipment manufacturer, posted an urgent message on its website to alert customers of a serious ransomware threat using some of its products.
July 26, 2021
Instagram recently launched a new feature designed to help users whose accounts have been hacked regain control. The feature is called "Security Checkup."
July 26, 2021
The Android threat aptly named Joker is back again, and this time it packs an even more potent punch and is upgraded to evade detection more efficiently.
July 22, 2021
Hackers continue to target cryptocurrency platforms, wallets, and users. As a result, the FBI recently released a dire warning to cryptocurrency owners about current threats and the potential loss of significant financial assets.
July 21, 2021
A large portion of the business world uses Microsoft Office programs, and some of them use macros. Hackers have recently devised a method of bypassing security warnings when a macro-laced file is opened and are delivering malicious files to victims.
July 20, 2021
British Airways reached a settlement agreement with the victims of a data breach the company experienced in 2018 and will pay out damages to thousands of victims.
July 19, 2021
Yesterday Microsoft released an "out-of-band" update to patch a serious vulnerability in the Windows print spooler service.
July 16, 2021
The Register reported today (June 30) that the evangelical Christian church and UK chapter of the Salvation Army experienced a cyberattack that included ransomware.
July 15, 2021
The notorious ransomware gang REvil strikes again, this time at IT management software vendor Kaseya. The gang encrypted data and demanded $70 million to unlock the files.
July 15, 2021
BOSTON, June 29, 2021 - Ransomware, hacking, and data breaches are at an all-time high right now. To combat these threats, IDStrong recently launched three identity protection tools to help people create long, strong, hard-to-guess
July 14, 2021
The Russian cybercriminal gang that carried out the SolarWinds attack recently used the Microsoft customer support system to target Microsoft customers.
July 14, 2021
Luxury car brand Mercedes Benz just released a public announcement notifying customers of a data breach which included driver's license details, dates of birth, social security numbers, and payment card details.
July 12, 2021
Another healthcare organization was hit with ransomware earlier this month. The ransomware gang REvil claimed responsibility for attacking the University Medical Center (UMC) in Las Vegas, Nevada.
July 09, 2021
By now, most everyone knows that Colonial Pipeline suffered a massive ransomware attack and paid the hackers (DarkSide) a hefty ransom.
July 08, 2021
Just two short months ago, LinkedIn users were slammed with the news that 500 million user profiles were scraped from the platform and available online to hackers and thieves.
July 07, 2021
This week, the Register reported that internet registry company Asia Pacific Network Information Centre (APNIC) left a Whois SQL database exposed to the public for three months.
July 06, 2021
Tor patches a bug that could allow hackers to track your online activities and spy on you while you peruse the dark web. What is Tor?
July 05, 2021
Wegmans, a national grocery store chain, recently notified its customers that some information might have been exposed in a data breach.
July 01, 2021
You can't open a newspaper or watch the daily news without hearing about another ransomware attack. The ransom figures have skyrocketed in only a few short months from thousands to millions.
June 30, 2021
Another cyber-attack on an eye clinic in Iowa may have exposed patient data for hundreds of thousands of residents. What Happened?
June 29, 2021
As a result of a data breach two years ago, title insurance and settlement services company First American Financial Corp. of Santa Clara, California, will pay the U.S. Securities and Exchange Commission a $488,000 fine.
June 28, 2021
For the fourth time in barely a year, Carnival Cruise lines are hit again with a cyberattack and suffer a major data breach.
June 25, 2021
Like the DarkSide ransomware gang, Avaddon has decided to cease all operations. Intelligence experts believe that the hard crackdown on cybercrime has instilled fear in these groups, leading them to quit.
June 23, 2021
Threatpost reports that X-rated phishing campaigns have increased by 974 percent. These explicit emails are a form of social engineering BEC attack designed to shock users into clicking a link.
June 22, 2021
Threat researchers have discovered dozens of Google PPC ads that link to malicious websites laced with Redline, Taurus, Tesla, and Amadey malware (info stealers).
June 21, 2021
Recently, GitHub made a change to its policies to prevent malicious hackers from exploiting code through updates or versioning.
June 18, 2021
President Joe Biden has taken a hard line against Russia in terms of cybersecurity sanctions. However, as these organized crime groups use U.S. security tools against us, it severely limits his retaliation options.
June 17, 2021
For 18 long months, the FBI and other global law enforcement agencies worked tirelessly on a lengthy sting operation using a fake encrypted communications platform used by cybercriminals to plan their heists.
June 16, 2021
It's no news to anyone that data breaches have flooded the dark web with millions of user credentials. However, last Wednesday, NordLocker, a security products company, posted on their blog that a hacker group accidentally exposed 26 million stolen passwords while trying to sell them.
June 15, 2021
The Bleeping Computer reported on June 12 that both Audi and Volkswagen experienced a serious data breach exposing unsecured customer information online.
June 11, 2021
It appears that the Solar Winds attackers are not done with us yet. A report from Data Breach Today on May 28 confirms that Microsoft has discovered yet another attack from the same group.
June 11, 2021
Yesterday (May 24), the BleepingComputer reported that audio equipment giant Bose recently disclosed a data breach following a ransomware attack that occurred in March.
June 10, 2021
U.S. insurance giant CNA Financial recently paid hackers $40 million to release their systems from ransomware. The cyberattack occurred in late March.
June 10, 2021
The world runs on reviews nowadays. Before anyone buys a product, they read reviews, consult social media, and look for other online sources of information.
June 09, 2021
The Hacker News reported on June 2 that a Russian-language forum on the dark web has been running a contest for the past month asking hackers to submit ideas for "unorthodox" cryptocurrency attacks.
June 09, 2021
In a perfect example of irony, cybersecurity insurance company AXA decides to stop covering ransomware payments and is hit with a ransomware attack a week later.
June 08, 2021
On June 8, Amazon will roll out its new feature called Sidewalk that shares internet access with your neighbors. Users of devices like Echo, Ring Video Doorbells, Ring Floodlight Cameras, and Ring Spotlight Cameras have the option of opting out if they do not want this.
June 08, 2021
The Covid pandemic has affected the entire world in various ways. Hackers have repeatedly used it as a foothold to gain access to networks and devices by exploiting fears, spreading misinformation, and duping innocent victims.
June 07, 2021
On the heels of the Colonial Pipeline ransomware attack that halted operations and caused a temporary fuel shortage, the White House is quickly responding to another attack on the JBS meat processing plant.
June 04, 2021
Identity theft is on the rise, and one tactic criminals use to get personal information is through fake job ads. KrebsonSecurity reported last week about a recent scam duping more than 100 victims on LinkedIn before it was discovered, and the fraudulent ads removed.
June 03, 2021
The problem of ransomware does not just affect the U.S. A New Zealand hospital was hit last week, having to cancel surgeries and turn away patients.
June 02, 2021
The Colonial Pipeline attack was a wake-up call for consumers and government agencies who realize that our country's infrastructure is at extreme risk of takedown at any moment.
June 01, 2021
On May 20, the Federal Bureau of Investigations (FBI) issued a flash warning that the Conti ransomware gang is a serious and persistent threat to medical and emergency services with the potential to disrupt care and treatment.
June 01, 2021
In just nine short months, the ransomware gang dubbed DarkSide has netted more than $90 million from victims worldwide. Experts are calling this group one of the most profitable cybercriminal groups in history.
May 27, 2021
Microsoft has been under fire lately for dozens of new zero-day flaws that have come to light under threat assessor scrutiny.
May 26, 2021
The dark web is known as the place to go if you want the ultimate in privacy and security. According to Hacker News, a new study revealed that an unknown hacker controlled 27% of the Tor network exit capacity in February 2021.
May 25, 2021
On Wednesday, President Biden signed into law an executive order outlining a comprehensive plan to boost security across public and private sectors regarding cybersecurity.
May 24, 2021
Threat experts warn Android users of a new strain of malware designed to steal user credentials, passwords and take complete control of Android devices for financial fraud.
May 21, 2021
According to InfoSecurity Magazine, The Federal Trade Commission (FTC) reported that Kansas had the highest rate of identity theft in 2020 and more than three times the national average.
May 21, 2021
New tactics are used every day by hackers trying to get a foot in the door using malware to take over victims' computers. Another in an endless sea of options is using the Microsoft Build Engine (MBE) to filelessly deliver malware to targeted victims.
May 19, 2021
According to multiple sources this week, the notorious hacker gang dubbed DarkSide has decided to close up shop after their servers were seized and someone drained their cryptocurrency account.
May 18, 2021
Threat researchers had discovered that Peloton exercise products and installed API might have leaked the credentials and private data for millions of users before it was recently patched.
May 17, 2021
Top technology players like Microsoft, Amazon, Cisco, FireEye, and McAfee are joining forces with government agencies such as the Department of Justice (DOJ), Europol, and the U.K. National Crime Agency in a task force trying new ways of taking down cybercriminals.
May 14, 2021
Krebs on security reported on April 28 that Experian quietly fixed a bug in its API that exposed tens of millions of Americans' credit score to anyone who looked them up.
May 14, 2021
On Saturday, Colonial Pipeline, which delivers 45% of the East Coast's fuel, had to be shut down due to a ransomware attack.
May 13, 2021
Dell has issued a firmware update to fix a bug that went undetected since 2009, in hundreds of millions of Dell computers and laptops worldwide.
May 12, 2021
CloudSEC security intelligence created a tool called BeVigil which identified 40+ apps with more than 100 million installs that were found to be leaking AWS keys all over the place.
May 11, 2021
Along with the Covid-19 pandemic came a flurry of bad actors aimed and ready to swoop in and take control while the rest of us were looking the other way.
May 10, 2021
If you think you have heard it all when it comes to hackers finding ways to make a buck, think again. SC Magazine reported this week that the DarkSide ransomware group is offering insider stock tips to traders before they hit a major target and the stock prices fall.
May 06, 2021
Security experts recommend as part of security best practices to use a password manager. However, the last thing they expect is for that password manager to be compromised by an attack.
May 06, 2021
Info Security Group online magazine reported that Wyoming's Department of Health (WDH) accidentally exposed 25% of the state population's personally identifiable medical information through GitHub.com.
May 06, 2021
InfoSecurity Group magazine reported that First Horizon Bank experienced a data breach where more than 100 online customer accounts were accessed, and funds drained from them.
May 04, 2021
In an interesting turn of events, the ransomware gang dubbed "the Babuk group" is threatening Washington, D.C.'s Metropolitan Police Department with the release of names of private informants.
May 04, 2021
Large, popular cryptocurrency exchange EXMO was knocked offline by a massive DDoS attack on February 15. The incident prevented users from accessing accounts, and the company's website was down for more than two hours.
April 30, 2021
After the SolarWinds supply chain attack, there was a lot of speculation about those responsible. This week, the U.S. government and Biden administration formally sanctioned Russia, citing the SolarWinds attack and its involvement in disruptive tactics related to the 2020 election campaign.
April 29, 2021
Infosecurity Magazine reported this week that dating website Manhunt suffered a data breach.
What Happened?
According to a data breach notice filed on April 1 with the Washington attorney general's office, Manhunt was the subject of a data breach that occurred in February.
April 29, 2021
Homebrew users should take notice that a glaring RCE flaw in the Homebrew repository system could have allowed bad actors to use a fraudulent update to execute malicious code on the user's machine.
April 28, 2021
The REvil (Sodinokibi) hacker gang demands $50 million from Apple and Taiwanese manufacturer Quanta after stealing Apple device blueprints and threatening to leak them.
April 28, 2021
TechCrunch reported on April 19 that Geico, one of the largest auto insurance companies in the country, disclosed a data breach to the California attorney general's office, citing that hackers had been stealing customers' driver's license numbers for months.
April 27, 2021
Ukrainian national Fedir Hladyr (35) was sentenced to 10 years in federal prison for his involvement in the theft of millions of payment cards while he worked for the notorious cybercriminal gang FIN7.
April 27, 2021
Cybercriminals are using BazarLoader malware to attack Slack and BaseCamp users with social engineering tactics. Threat actors have combined it with a phone call component to increase the number of victims.
