Items tagged with cybersecurity
Phishing emails traditionally come from threat actors looking to make a quick buck or steal some data for nefarious purposes. Things get confusing, however, when phishing-style emails come directly from an organization like Amazon. That is exactly what happened over the weekend, leaving many customers baffled...
Read more...
Chinese threat actors are upping their game in the cybersecurity realm, as indicated by new Linux backdoors and other advanced tactics, techniques, and procedures (TTPs). With this, an international multi-agency team led by the National Security Agency (NSA) has discovered a People’s Republic of China-linked group...
Read more...
Side channel attacks are always fascinating to see how they are executed, such as the recent discovery that encryption keys could be stolen by recording power LEDs on various devices. Researchers have found that malicious websites might be able to see usernames and other sensitive information by leaking it from...
Read more...
Nonprofit NGO National Student Clearinghouse handles student data reporting and exchange, serving 3,600 universities and 22,000 high schools around the United States. However, being “the leading provider of educational reporting, data exchange, verification, and research services” would make the organization a rather...
Read more...
As it turns out, hotels, and by extension, the hospitality industry, are not the most secure organizations around despite handling personal information and credit card details. This is evident in the recent MGM Hotel breach or even further back with the 2022 social engineering of Marriott. Now, an infostealer campaign...
Read more...
Trend Micro has been tracking a threat-actor group since early 2021, dubbed Earth Lusca, which is purportedly based out of China. Since that initial discovery, researchers have found the group has utilized increasingly sophisticated infrastructure, tools, techniques, and procedures to advance its goals in...
Read more...
While Windows is nearly ubiquitous, great for convenience and it offers a familiar end-user experience, some things are more easily done on Linux. Given this odd juxtaposition of popularity versus utility, threat actors targeting Linux are finding a target-rich environment that can still fly under the radar for the...
Read more...
As it turns out, it does not take a team of highly specialized criminals led by one Danny Ocean to disrupt a massive casino network these days. It only realistically takes a team of hackers to bring things to a grinding halt and potentially get away with personal data or money in the era of the digital heist.
From...
Read more...
This month, the Associated Press is warning that the personal information of AP Stylebook customers was compromised in a data security incident over the summer. What tipped the AP off was a series of phishing emails being sent to AP Stylebook customers asking them to provide updated credit card information.
The AP...
Read more...
As we await the next generation of iPhone, Apple is engaged with other issues at the current moment, such as two new vulnerabilities discovered in iOS, iPadOS, watchOS, and MacOS. As such, Apple device owners should update their devices as soon as possible with the released security patch to prevent the infection...
Read more...
Grassroots online items exchange forum Freecycle has been the focus of a massive data breach affecting more than 7 million of its users. Here's what you need to know.
Non-profit organization Freecycle announced that it detected a data breach three months after stolen data from the site was put on sale on a hacking...
Read more...
This year, international fashion brand Forever 21, which has over 540 store locations, suffered a data breach affecting over 500,000 persons. As of late, a breach notice has been shared with the Office of the Maine Attorney General, and notices to affected parties will likely be delivered shortly.
On March 20th...
Read more...
Earlier this month, researchers at the National Science Foundation’s NOIRLab detected and responded to an unknown cybersecurity incident on its network. While security teams were reportedly quick to isolate the incursion, it shuttered the lab’s astronomical observatory operations and shines a spotlight on the...
Read more...
The FBI and Justice Department recently announced a “multinational operation to disrupt and dismantle the malware and botnet known as Qakbot.” In what the authorities are calling one of the largest U.S.-led disruption operations, Qakbot infrastructure was accessed to tear down the network from the inside.
Qakbot...
Read more...
Several energy providers are now asking New England customers to monitor their accounts for unusual activity or beware of potential scams following a third-party data breach earlier this month.
Earlier this morning, HotHardware was made aware that an email had gone out from Eversource, a residential energy provider...
Read more...
It is generally known that Internet of Things (IoT) devices are not the most secure things in the world. Researchers from Italy and the United Kingdom have proven this once more after discovering four vulnerabilities in Amazon Italy’s best-selling smart light bulb, the TP-Link Tapo L530E.
The first and most severe...
Read more...
This month, researchers at Zimperium’s zLab reported on a means by which thousands of Android malware samples were evading detection and analysis. It is claimed that over three thousand samples use this technique, which involves tampering with the field that establishes what compression method is used for the...
Read more...
A team of British researchers have found a way to use AI to learn keyboard keystrokes with 95 percent accuracy using nothing but the mics on an iPhone. This spells more trouble in the already complex and increasingly insecure realm of personal data security.
In a recently published paper submitted by a research...
Read more...
Cybersecurity incidents are constantly on the rise, with many threat actors launching targeted or widespread opportunistic attacks. In what effectively amounts to cyberterrorism, these acts are not limited to large companies and organizations as one might think, but extend to things like high-profile sporting events...
Read more...
In recent days and weeks, Call of Duty has seen an uptick in population since the online servers were fixed up, allowing players to return to their old haunts and have some fun. However, with this uptick in activity, cheaters and hackers are looking to ruin the fun and nostalgia for CoD players. As it turns out, they...
Read more...
Radio communications are the backbone of much of day-to-day life, but by and large, we routinely take it for granted. This is also aided by the fact that there is much secrecy surrounding this technology, but that did not deter Dutch researchers who discovered vulnerabilities and an intentional backdoor in the...
Read more...
Earlier this month, researchers from Palo Alto’s Unit 42 discovered a peer-to-peer worm dubbed P2PInfect targeting Redis installations, an open-source database application used in cloud environments. While only 934 of the publicly communicating 307,000 unique Redis systems may be vulnerable, the worm may knock on the...
Read more...
