Items tagged with cybersecurity

Shortly after hitting Parker Hannifin Corporation, a major component supplier for Boeing and Lockheed Martin, the Conti ransomware group abandoned the Conti name and split off into smaller groups that coordinate with the larger group’s leadership. This move came after Conti targeted the government of Costa Rica with... Read more...
Cybercriminals can steal credit card credentials using a number of different methods, including phishing attacks, other form of social engineering, skimming, and data breaches. Stolen credit card credentials often don’t remain with the original thief, but instead end up being sold on an online marketplace. There are... Read more...
Three years ago, Capital One Financial Corporation suffered a massive data breach that exposed customers’ personal information. Rather than being the victim of social engineering or a ransomware attack, it turned out that Capital One had misconfigured its web application, leaving its system vulnerable to a breach. The... Read more...
Popular portrayals of hackers tend to show them as computer geniuses who use their elite technical skills to breach computer systems. However, in real life, bad actors often don’t bother to directly hack computer systems when they can access those same systems by hacking people instead. People are often willing to... Read more...
Ransomware is bad news not only because it can cause business-ending disruptions, as in the case of Abraham Lincoln College, but also because the actors behind ransomware attacks often exfiltrate data from compromised systems in addition to encrypting the data on said machines. Ransomware gangs tend to use this stolen... Read more...
Last week, the US Federal Trade Commission (FTC) published a report according to which cryptocurrency scammers have swindled Americans out of over $1 billion since 2021. Cryptocurrency scams are rampant on social media sites, as well as messaging apps like Telegram. The scams often trade on the names of... Read more...
Wi-Fi capable devices, like smart phones, often automatically send out probe requests in order to detect available Wi-Fi networks in the area. These probe requests include a device identifier known as a MAC address. Nowadays, most phones, as well as some other devices, utilize randomized MAC addresses to increase... Read more...
Much of the discussion surrounding cyberwarfare has centered around Russia and Ukraine, in recent months. While it may have been pushed into the background, however, China’s aggressive cyber activity continues apace, whether it rises to the level of warfare or not. Only a month ago, we covered news that Chinese... Read more...
Yesterday, we reported on a data breach at Shields Health Care Group that resulted in the theft of personal information belong to 2 million Americans. Oftentimes, data stolen in breaches like this end up on online forums or marketplaces where cybercriminals buy and sell these ill-gotten gains. Lately, US law... Read more...
Personal information is also valuable information, as personal data in the wrong hands can empower cybercriminals to commit identity theft and fraud. However, even those who take important steps to secure their personal information can have it exposed when an employer, health care provider, government agency, or other... Read more...
Last week, security researchers published a report showing that the rate at which trojans infect mobile devices has been accelerating over the past few quarters. Trojans are a form of malware disguised as applications that users might want to install. Victims of trojans effectively invite malware onto their devices... Read more...
It’s a new week, and there’s another proof of concept for a phishing technique. Last week, we covered a phishing technique for hijacking WhatsApp accounts, and the week before that we reported on a phishing campaign targeting Intuit QuickBooks users. This new proof of concept leverages an established phishing... Read more...
Earlier this week, we covered a report that claimed mobile device trojans are on the rise. Trojans are a specific kind of malware that infect victims’ devices by pretending to be legitimate and trustworthy applications. Unfortunately, trojans sometimes mange to sneak their way into the Google Play Store and infect... Read more...
The prevalence of ransomware attacks is rising year-over-year at a rapid pace, with 2021 marking a doubling in the number of reported attacks over 2020. As ransomware attacks have become a prominent and lucrative form of cyberattack, a market has developed for cybercriminals to buy and sell ransomware. Some of these... Read more...
WhatsApp, the messaging app owned by Meta that employs the end-to-end encryption Signal Protocol, is massively popular worldwide. The app boasts more than 2 billion users, which is over a fourth of the world's population. Unsurprisingly, given the app’s popularity, scammers and hackers often target WhatsApp and its... Read more...
Research from earlier this year showed that hackers can remotely unlock and start Honda and Acura vehicles by exploiting a vulnerability in the remote keyless system. However, cybercriminals targeting the automotive industry don’t have to steal your car when they can steal something potentially more valuable: your... Read more...
Cybersecurity experts are constantly trying to improve user account security. This task can be a difficult one when users don’t take basic steps to secure their own accounts. A recent report found that the most commonly used passwords among business executives are “123456” and “password.” However, even accounts... Read more...
The past week, Vancouver was the site of the 2022 Pwn2Own contest, a timed test of skills for hackers and cybersecurity experts. This year marks the 15th anniversary of the contest, and 2022's gathering didn't disappoint. 17 contestants attacked 21 targets, including Apple's Safari browser, Windows 11, and even the... Read more...
In what seems to be the year of security breaches and threat actors thieving or or holding data for ransom, defenders, or blue teamers, cannot seem to catch a break. However, just after announcing that it had hit a major component supplier for Boeing and Lockheed Martin, it appears that the Conti ransomware gang as we... Read more...
It’s not hard to see why Apple, Google, and Microsoft are pushing passwordless logins when cybercriminals are able to leverage malware and phishing attacks to steal passwords. However, bad actors don’t need to actually steal them when their victims use simple, easy-to-guess passwords. Unfortunately, those sorts of... Read more...
Earlier this month, we reported on a phishing attack that stole $23.5 million from the US Department of Defense (DoD). Thankfully, the DoD caught the cybercriminals and recovered the money, but this incident highlights the need for strong cybersecurity practices at the DoD and among its contractors. The DoD is a high... Read more...
The beginning of the year saw a flurry of stories about security breaches as the cybercriminal gang known as LAPSUS$ stole data from an alarming number of big name companies in a short period of time. However, while LAPSUS$ is no longer in operation, after the London police arrested all seven members of the group... Read more...
Prev 1 2 3 4 5 Next