Browsing tag
If forecasters are right, over the course of today, consumers will spend $13.7 billion. Just about every click, sale, and engagement will be captured by a CRM platform. Inventory applications will trigger automated re-orders; communication tools will send automated email and text messages confirming sales and sharing shipping information. SaaS applications supporting retail efforts will […]
Taiwanese PC company MSI (short for Micro-Star International) officially confirmed it was the victim of a cyber attack on its systems. The company said it “promptly” initiated incident response and recovery measures after detecting “network anomalies.” It also said it alerted law enforcement agencies of the matter. That said, MSI did not disclose any specifics […]
Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that left an endpoint publicly accessible over the internet sans any authentication. “This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the […]
Every year, billions of credentials appear online, be it on the dark web, clear web, paste sites, or in data dumps shared by cybercriminals. These credentials are often used for account takeover attacks, exposing organizations to breaches, ransomware, and data theft. While CISOs are aware of growing identity threats and have multiple tools in their […]
The Australian Federal Police (AFP) on Monday disclosed it’s working to gather “crucial evidence” and that it’s collaborating with overseas law enforcement authorities following the hack of telecom provider Optus. “Operation Hurricane has been launched to identify the criminals behind the alleged breach and to help shield Australians from identity fraud,” the AFP said in […]
Akasa Air, India’s newest commercial airline, exposed the personal data belonging to its customers that the company blamed on a technical configuration error. According to security researcher Ashutosh Barot, the issue is rooted in the account registration process, leading to the exposure of details such as names, gender, email addresses, and phone numbers. The bug […]
Days after the Conti ransomware group broadcasted a pro-Russian message pledging its allegiance to Vladimir Putin’s ongoing invasion of Ukraine, an anonymous security researcher using the Twitter handle @ContiLeaks has leaked the syndicate’s internal chats. The file dump, published by malware research group VX-Underground, is said to contain 13 months of chat logs between affiliates […]
Gone are the days when ransomware operators were happy with encrypting files on-site and more or less discretely charged their victims money for a decryption key. What we commonly find now is encryption with the additional threat of leaking stolen data, generally called Double-Extortion (or, as we like to call it: Cyber Extortion or Cy-X). […]
Since society depends on technology more and more, cybersecurity concerns increase as well. The digital world requires good security measures for businesses and organizations to not lose money and reputation. The United Kingdom ranks fifth for levels of cybersecurity preparation worldwide. However, it still faces numerous struggles. As for 2021, four in ten businesses and […]
Interactive livestreaming platform Twitch acknowledged a “breach” after an anonymous poster on the 4chan messaging board leaked its source code, an unreleased Steam competitor from Amazon Game Studios, details of creator payouts, proprietary software development kits, and other internal tools. The Amazon-owned service said it’s “working with urgency to understand the extent of this,” adding […]
An unpatched design flaw in the implementation of Microsoft Exchange’s Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide. “This is a severe security issue, since if an attacker can control such domains or has the ability to ‘sniff’ traffic in the same network, they can […]
More than one terabyte of data containing 5.5 million files has been left exposed, leaking personal information of over 100,000 customers of a Colombian real estate firm, according to cybersecurity company WizCase. The breach was discovered by Ata Hakçıl and his team in a database owned by Coninsa Ramon H, a company that specializes in […]
Cloud infrastructure security company Wiz on Thursday revealed details of a now-fixed Azure Cosmos database vulnerability that could have been potentially exploited to grant any Azure user full admin access to other customers’ database instances without any authorization. The flaw, which grants read, write, and delete privileges, has been dubbed “ChaosDB,” with Wiz researchers noting […]
Protection against insider risks works when the process involves controlling the data transfer channels or examining data sources. One approach involves preventing USB flash drives from being copied or sending them over email. The second one concerns preventing leakage or fraud in which an insider accesses files or databases with harmful intentions. What’s the best […]
In what’s likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free—which was harvested by hackers in 2019 using a Facebook vulnerability. The leaked data includes full names, Facebook IDs, mobile numbers, locations, email addresses, gender, occupation, […]
Oblivion is a tool focused in real time monitoring of new data leaks, notifying if the credentials of the user has been leak out. It’s possible too verify if any credential of user has been leak out before. The Oblivion have two modes: Oblivion Client: graphical mode. Oblivion Server: mode with API functionalities. NOTE: […]
BigBasket(Innovative Retail Concepts Private Limited) is India’s largest online food and grocery store. It is funded by Alibaba Group, Mirae Asset-Naver Asia Growth Fund, and therefore the UK government-owned CDC group. “Recently BigBasket became victim to a data breach,” reported Cyble. Cyble has indexed the breached information at AmiBreached.com. The Cybel Research team found the database of Big Basket […]
A database of over 350 million customer records exposed from unsecured Elasticsearch cluster belonging to voice over-internet-protocol company Broadvoice. The database was uncovered by security researcher Bob Diachenko, on October 1. He observed that the unprotected Elasticsearch cluster contained several information found unprotected. What are the Data Exposed An amount of 350 million customer records […]
As if it wasn’t hard enough to have their data compromised, businesses who fell victim to Maze ransomware are now facing another threat: their data could become public. Maze’s operators have been collecting data from victim organisations for a while, ultimately using it as a weapon until payment is received to decrypt archives. Now, for […]
Data protection specialists from security firm vpnMentor reported the detection of a data breach on a Romanian web platform, owned by tobacco company British American Tobacco; headquartered in the UK, this is one of the world’s largest manufacturers of tobacco and nicotine-based products. The vpnMentor research team, led by renowned expert Noam Rotem, found the […]
Researchers discovered a massive hacked database online that exposed tens of millions of SMS text messages, and private data belongs to a U.S company TrueDialog. TrueDialog is an American communication company that offering SMS texting solutions to companies such as businesses, universities, and colleges in the USA. Companies claim that they provide Enterprise-grade SMS Texting […]