Data Breaches

20 Mar

ForgeRock, Double Secret Octopus offer passwordless authentication for enterprises

Data Breaches, Malware, Social Engineering

ForegeRock is adding a new passwordless authentication capability, called Enterprise Connect Passwordless, to its flagship Identity Platform product to help eliminate the need for user passwords in large organizations. ForgeRock has partnered with Israel-based Secret Double Octopus to offer the new feature set, designed to allow companies to integrate passwordless technology into enterprise IT infrastructure and provide end users with a unified login approach to all their applications. “While ForgeRock already offers passwordless authentication for…

Read More
20 Mar

ForgeRock, Secret Double Octopus offer passwordless authentication for enterprises

Data Breaches, Malware, Social Engineering

ForegeRock is adding a new passwordless authentication capability, called Enterprise Connect Passwordless, to its flagship Identity Platform product to help eliminate the need for user passwords in large organizations. ForgeRock has partnered with Israel-based Secret Double Octopus to offer the new feature set, designed to allow companies to integrate passwordless technology into enterprise IT infrastructure and provide end users with a unified login approach to all their applications. “While ForgeRock already offers passwordless authentication for…

Read More
20 Mar

CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws

Data Breaches, Malware, Social Engineering

Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) announced the launch of the Ransomware Vulnerability Warning Pilot (RVWP) program to “proactively identify information systems that contain security vulnerabilities commonly associated with ransomware attacks.” Once the program identifies vulnerable systems, regional CISA personnel will notify them so they can mitigate the flaws before attackers can cause too much damage.  CISA says it will seek out affected systems using existing services, data sources, technologies, and…

Read More
20 Mar

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Data Breaches, Information, Insights

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection. Here’s a primer on why you might want to do that, and how. Image: Shutterstock Telecommunications giant AT&T disclosed this month that a breach…

Read More
20 Mar

BianLian ransomware group shifts focus to extortion

Data Breaches, Malware, Social Engineering

Ransomware group BianLian has shifted the main focus of its attacks away from encrypting the files of its victims to focusing more on extortion as a means to extract payments from victims, according to cybersecurity firm Redacted. The shift in the operating model comes as a result of Avast’s release of a decryption tool that allowed a victim of the BianLian ransomware gang to decrypt and recover their files without paying any ransom. The decryption…

Read More
17 Mar

Latitude Financial Services Data Breach Impacts 300,000 Customers

Data Breaches, Information, News

Australian financial services company Latitude Financial Services is notifying roughly 300,000 customers that their personal information might have been compromised in a data breach. A subsidiary of Deutsche Bank and KKE operating since 2015 and headquartered in Melbourne, Latitude is the largest non-bank lender of consumer credit in Australia, also offering services in New Zealand, under the brand Gem Finance. On Thursday, the company disclosed falling victim to a cyberattack that forced it to suspend…

Read More
17 Mar

Two Patch Tuesday flaws you should fix right now

Data Breaches, Malware, Social Engineering

Microsoft released its monthly security bulletin this week, covering patches for over 80 vulnerabilities across its products. However, two of them had already been used by attackers before patches were released. One vulnerability affects all supported versions of Outlook for Windows and allows attackers to steal Net-NTLMv2 hashes and then use them in NTLM (New Technology LAN Manager) relay attacks against other systems. The second allows attackers to bypass Microsoft SmartScreen, a technology built into…

Read More
16 Mar

What is phishing?

Attacks, Data Breaches

Phishing is a social engineering tactic that sees hackers attempt to gain access to personal or confidential information by posing as a legitimate company. In this article, Cyber Security Hub’s editor Olivia Powell explores what phishing attacks are, why malicious actors launch phishing attacks and how companies can protect themselves against them. For our guide explaining the different types of malware and how this can affect your business, visit Cyber Security Hub’s Ultimate guide to…

Read More
16 Mar

IOTW: Ransomware gang allegedly hacks Ring doorbells

Attacks, Data Breaches

Russia-linked ransomware gang ALPHV has claimed to have launched a cyber attack against Amazon-owned domestic security company, Ring. Ring, which makes doorbells with video and sound recording capabilities, has denied that the hack took place. ALPHV, however, posted on the dark web about the hack and is threatening to release data stolen during the breach. The gang, which is responsible for creating BlackCat malware, posted a picture of the Ring logo on its website alongside…

Read More
16 Mar

UK bans TikTok on government devices over data security fears

Data Breaches, Malware, Social Engineering

Social media app TikTok has been banned on UK government electronic devices, the Cabinet Office has announced. The ban, announced by the chancellor of the Duchy of Lancaster, Oliver Dowden, comes in the wake of a security review into the risks posed to government data by social media apps on devices along with the potential for sensitive information to be accessed and used by some platforms. The move follows other Western countries who have barred…

Read More