Category

Recent News
Attackers used a list of usernames and passwords obtained via credential stuffing attack to access State Farm customers’ online accounts.The investigation revealed that attackers were able to confirm valid usernames and passwords for some online accounts, however, no personal information was accessed. What is the issue? Insurance company State Farm notified its customers that it...
Read More
An unauthorized third-party accessed the information for 106 million people by exploiting a configuration vulnerability.The exposed information includes personal information, credit card data, transaction data, Social Security numbers, linked bank account numbers, and Social Insurance numbers of consumers and small businesses who applied for credit card products between 2005 and 2019. Capital One disclosed that...
Read More
Slack is resetting roughly 100,000 user passwords for accounts that were active in 2015. The company has only recently learned that an old security breach from four years ago was perhaps worse than previously thought. The news, first reported by ZD Net and confirmed by Slack in an announcement on its website, will only affect about 1...
Read More
A phishing attack using a novel technique to steal credentials from American Express customers was recently found in an email inbox protected using Microsoft’s Office 365 Advanced Threat Protection (ATP) by Cofense Phishing Defense Center researchers. The phishing campaign targeted both corporate and consumer cardholders with phishing emails full of grammatical errors but with a small but...
Read More
US mobile network operator Sprint said hackers broke into an unknown number of customer accounts via the Samsung.com “add a line” website. “On June 22, Sprint was informed of unauthorized access to your Sprint account using your account credentials via the Samsung.com ‘add a line’ website,” Sprint said in a letter it is sending impacted customers....
Read More
97% of all email users do not know what a phishing email looks like. 21% of all ransomware is sent through email and 92% of all malware is sent through emails. The average financial cost of a data breach is $3.86m. Email phishing is a very dangerous and also very common way for cyber criminals...
Read More
The server contained source code, passwords, configuration details, and other sensitive information related to GE Aviation’s internal infrastructure.It was one of the 5,495 publicly available Jenkins instances as indexed by Shodan. A publicly available Jenkins server of GE Aviation was found spilling sensitive data out in the open. Security researcher Bob Diachenko came across this...
Read More
Around 900 customers are said to have been targeted in the attack, who collectively lost around ¥55 million.The attackers exploited a security flaw in 7pay, a mobile payment app developed by 7-Eleven. Popular supermarket chain 7-Eleven has become the latest victim in a cyber attack. Attackers banked on a security flaw in 7-Eleven’s 7pay and...
Read More
A recent report by NASA OIG disclosed that the attackers used a Raspberry Pi in its April 2018 data breach.It also mentions that the hackers stole around 500 MB of data in the breach. The National Aeronautics and Space Administration (NASA) has confirmed that the April 2018 data breach was carried out using a Raspberry...
Read More
Written by Ryan Stewart Attackers compromised Microsoft support agent’s credentials and gained access to view ‘limited’ number of users’ email account information.Upon learning about the incident, Microsoft immediately disabled the compromised support agent’s credentials. What is the issue – Microsoft notified its users via email that a certain ‘limited’ number of users who use web email...
Read More
1 2 3 4 5 6