Data Breaches

Hackers hold city of Augusta hostage in a ransomware attack

BlackByte group has claimed responsibility for a ransomware attack on the city of Augusta in Georgia.  The ransomware group has posted 10GB of sample data for free and claimed they have a lot more data available.  “We have lots of sensitive data. Many people would like to see that as well as the media. You were given time to connect us but it seems like you are sleepy,” the screenshot shared by security researcher Brett Callow, who…

Read More

New phishing technique poses as a browser-based file archiver

A new phishing technique can leverage the “file archiver in browser” exploit to emulate an archiving software in the web browser when a victim visits a .zip domain, according to a security researcher identifying as mr.d0x. The attacker essentially simulates a file archiving software like WinRAR in the browser and masks it under the .zip domain to stage the phishing attack. “Performing this attack first requires you to emulate a file archive software using HTML/CSS,”…

Read More

Insider risk management: Where your program resides shapes its focus

There’s no getting around it, I am long in the tooth and have been dealing with individuals who break trust within their work environment for more than 30 years, both in government (where we called it counterespionage or counterintelligence) and in the private sector. Today we call programs that help prevent or identify breaches of trust insider risk management (IRM). Over the years I have hypothesized that where such IRM programs reside within an organization…

Read More

Researchers find new ICS malware toolkit designed to cause electric power outages

Over the past few years state-sponsored attackers have been ramping up their capabilities of hitting critical infrastructure like power grids to cause serious disruptions. A new addition to this arsenal is a malware toolkit that seems to have been developed for red-teaming exercises by a Russian cybersecurity company. Dubbed COSMICENERGY by researchers from Mandiant, the malware can interact with remote terminal units (RTUs) and other operational technology (OT) devices that communicate over the specialized IEC…

Read More

Elon Musk’s social security number allegedly leaked in Tesla data breach

Car manufacturer Tesla’s CEO, Elon Musk, may have had his social security number leaked in a data breach that saw 100GB of confidential information accessed. The Dutch data protection watchdog, Autoriteit Persoonsgegevens (DPA), has said that Tesla may have failed to protect confidential data from employees, customers and business partners. According to news publication Reuters, Tesla has been accused of failing to protect employee, customer and business partner data after 100GB of confidential information was…

Read More

How to check for new exploits in real time? VulnCheck has an answer

Cybersecurity professionals who need to track the latest vulnerability exploits now have a new tool designed to make their job easier, with the launch today of VulnCheck XDB, a database of exploits and proof of concepts hosted on Git repositories. The tool, from cyberthreat intelligence provider VulnCheck, is aimed at helping vulnerability researchers and security teams prioritize vulnerabilities based on the availability and criticality of new exploits that have been made public. “There is a…

Read More

Inactive accounts pose significant account takeover security risks

Inactive and non-maintained accounts pose significant security risks to users and businesses, with cybercriminals adept at using information stolen from forgotten or otherwise non-upheld accounts to exploit active accounts. That’s according to Okta’s first Customer Identity Trends Report which surveyed more than 20,000 consumers in 14 countries about their online experiences and attitudes towards digital security and identity. It found that increasing identity sprawl can trigger significant account takeover (ATO) security risks due to accounts…

Read More

Microsoft links attacks on American critical infrastructure systems to China

Microsoft and a few American intelligence agencies have detected malware of Chinese origin deployed in critical infrastructure systems in Guam and elsewhere in the United States. The malicious activity, focused on post-compromise credential access and network security discovery, has been linked to Volt Typhoon, a state-sponsored threat actor in China. “Volt Typhoon has been active since mid-2021 and has targeted critical infrastructure organizations in Guam and elsewhere in the United States,” Microsoft said in a…

Read More

ChatGPT and data: Everything you need to know

Since OpenAI unleashed ChatGPT onto the world, opinion has been split between those who believe it will radically improve the way we live and work and those who are worried about its potential for disruption, particularly on the privacy of individuals and organizations. There have already been incidents where sensitive data has been leaked and employees have landed in hot water after entering confidential company information into the chatbot, with some countries even issuing a…

Read More

IOTW: Luxottica confirms 2021 data leak of 70 million customers’ information

Italian eyewear brand Luxottica, parent company of Ray-Ban and Oakley, has confirmed that the data of more than 70 million customers was accessed in 2021. The data was exposed after a third-party data storage provider used by Luxottica suffered a cyber attack. It has not currently been made public how the hackers gained access to its network, or which company the third party was. The data breach and theft was revealed after a malicious actor…

Read More