LastPass hacked, source code stolen
There is no evidence customer data or encrypted password vaults were involved, co
Facebook Glitch Flood Users’ Feeds with Celebrity Spam
Thousands of Facebook users reported a glitch on Wednesday on outage tracking website, Downdetector. According to users’ reports, the glitch promoted posts to celebrity fan pages and groups to the top of their timelines. Users who opened Facebook on mobile devices and desktops received chronological posts to celebrity pages and groups. 81% of the reports […]
New BEC Campaign Target Executives’ Microsoft 365 Accounts
Researchers at Mitiga have uncovered a new Business Email Compromise (BEC) campaign that uses sophisticated spear phishing and Adversary-in-The-Middle (AiTM) tactics to gain access to corporate executives’ Microsoft 365 accounts. According to researchers, the attackers are able to gain access to high-level accounts to monitor communications and intercept huge financial transactions. In order to compromise […]
Group wins federal contract to automate network device authentication
Optiv Canada, Venafi and Crypto4A Technologies are installing a solution to centrally manage PKI infr
Fake Google Chrome Extension Downloaded by Over 200,000 Users
Researchers have discovered a Google Chrome extension called Internet Download Manager, which is an adware and has been downloaded by more than 200,000 users. Although the extension installs a well-known and legitimate download manager program, researchers were able to show some irregular behaviors through the extension. These irregular behaviors include opening links to spammy sites, […]
Plex Confirms Cyberattack, Impose Password Reset for Users
Plex, a major provider of media streaming services, has confirmed a cyberattack in which attackers stole password data and emails from at least half of its 30 million customers. In the email to customers, they were asked to reset their passwords. Step-by-step instructions were also provided, and the company advised customers to sign out of […]
U.S. Data Privacy bill to Give User more Control over Their Data
The American Data and Privacy Protection Act will give users more control over their data, which has long been largely used by technology companies without consent. The bill has already passed the U.S. House of Representatives Committee on Energy and Commerce by a 53-2 vote on July 20, 2022, but has yet to pass the […]
How Threat Actors Target Specific Industries with Ransomware Attacks
Security provider Barracuda analyzed BlackMatter, Karakurt and LockBit to illustrate how threat actors carry out ransomware attacks. BlackMatter uses phishing emails to compromise employee accounts and gain network access. Once they have gained access, they scan and move laterally within the network while they install hacking tools and steal sensitive data. Karakurt Data Extortion Group […]
More Than $100 Million in NFT Stolen Between January and July
According to blockchain research firm Elliptic, more than $100 million worth of non-fungible tokens were stolen by attackers in the year to July. Security compromises via social media have skyrocketed since NFT gained prominence, accounting for 23% of NFT thefts in 2022. While NFT thieves received an average of $300,000 per scam, the extent of […]
Dell to use Enterprise Sales to Boost Revenue Amid PC Sales Slump
Dell will use revenue from corporate customers to boost quarterly revenue after declining PC demand hit the company’s revenue forecasts. Nearly half of Dell’s revenue is expected to come from enterprise sales as the companies continue to improve their hybrid equipment. Dell enjoyed strong patronage during the pandemic thanks to robust demand for remote working […]
