ENGlobal Cyber-Attack Exposes Sensitive Data
Energy contractor ENGlobal reported that sensitive personal data was stolen by threat actors, with the incident disrupting operations for six weeks
Information Security Magazine
Lynx Ransomware Group Unveiled with Sophisticated Affiliate Program
2 months 3 weeks ago
Group-IB researchers have exposed the highly organized affiliate platform and sophisticated operations of the Lynx Ransomware-as-a-Service group
58% of Ransomware Victims Forced to Shut Down Operations
2 months 3 weeks ago
A Ponemon Institute survey highlighted the growing impact of ransomware attacks on victims’ revenue and reputation
API Supply Chain Attacks Put Millions of Airline Users at Risk
2 months 3 weeks ago
An API supply-chain attack affecting a popular online travel booking service put millions of airline users at risk
Mega Data Breaches Push US Victim Count to 1.7 Billion
2 months 3 weeks ago
The number of data breach victims increased 312% annually to exceed 1.7 billion in 2024, according to the ITRC 2024 Annual Data Breach Report
EU Sanctions Three Russians For 2020 Cyber-Attack on Estonia
2 months 3 weeks ago
The three Russian hackers are believed to be part of Unit 29155 of the GRU, also known as Cadet Blizzard, Ember Bear and Ruinous Ursa
British Vishing-as-a-Service Trio Sentenced
2 months 3 weeks ago
Three men have been sentenced after pleading guilty to running an account hijacking service for fraudsters
Hidden Text Salting Disrupts Brand Name Detection Systems
2 months 3 weeks ago
A new phishing tactic has been identified by Cisco Talos, using hidden text salting to evade email security measures
SaaS Breaches Skyrocket 300% as Traditional Defenses Fall Short
2 months 3 weeks ago
Obsidian found that threat actors are focusing on SaaS applications to steal sensitive data, with most organizations' security measures not set up to deal with these attacks
New Phishing Campaign Targets Mobile Devices with Malicious PDFs
2 months 3 weeks ago
A novel phishing campaign identified by Zimperium targets mobile users with malicious PDFs, impersonating USPS to steal credentials
CISOs Boost Crisis Simulation Budgets Amid High-Profile Cyber-Attacks
2 months 3 weeks ago
74% of CISOs plan to increase their cyber crisis simulation budgets in 2025
Subaru Bug Enabled Remote Vehicle Tracking and Hijacking
2 months 3 weeks ago
A now-patched vulnerability could have enabled threat actors to remotely control Subaru cars
Change Healthcare Breach Almost Doubles in Size to 190 Million Victims
2 months 3 weeks ago
Change Healthcare has claimed 190 million customers were affected by a mega-breach last year
AWS Announces £5m Grant for Cyber Education in the UK
2 months 3 weeks ago
Amazon Web Services has launched its Cyber Education Grant Program in the UK
Russian Scammers Target Crypto Influencers with Infostealers
2 months 3 weeks ago
Crazy Evil, a group of crypto scammers, exploit NFTs and cryptocurrencies with malware targeting influencers and tech professionals
North Korean IT Workers Holding Data Hostage for Extortion, FBI Warns
2 months 3 weeks ago
A new FBI advisory warned that North Korean IT worker schemes have escalated their activities in recent months to include data extortion
Ransomware Gangs Linked by Shared Code and Ransom Notes
2 months 3 weeks ago
SentinelOne researchers highlighted similarities in the approaches used by the HellCat and Morpheus ransomware groups, suggesting shared infrastructure
Chained Vulnerabilities Exploited in Ivanti Cloud Service Appliances
2 months 4 weeks ago
Threat actors chained Ivanti CSA vulnerabilities for RCE, credential theft & webshell deployment
Bookmakers Ramp Up Efforts to Combat Arbitrage Betting Fraud
2 months 4 weeks ago
Arbitrage betting fraud rises, forcing bookmakers to adopt stricter measures against automated scams
CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Skills
2 months 4 weeks ago
Splunk reveals that 82% of CISOs now report directly to the CEO, but many lack EQ
Checked
1 hour 17 minutes ago