IT Security News Daily Summary 2023-03-05 Credential Stuffing attack on Chick-fil-A impacted +71K users How to avoid billion-dollar fines due to unsecured messaging apps New CISO appointments, February 2023 Iron Tiger updates malware to target Linux platform BrandPost: It’s Time…
IT Security News Daily Summary 2023-03-05
Credential Stuffing attack on Chick-fil-A impacted +71K users How to avoid billion-dollar fines due to unsecured messaging apps New CISO appointments, February 2023 Iron Tiger updates malware to target Linux platform BrandPost: It’s Time to Create More Opportunities for Women…
Credential Stuffing attack on Chick-fil-A impacted +71K users
American fast-food restaurant chain Chick-fil-A reported that the accounts of over 71K users were compromised as a result of a credential stuffing campaign. The American fast-food restaurant chain Chick-fil-A notified over 71K users that their accounts have been compromised in…
How to avoid billion-dollar fines due to unsecured messaging apps
End-to-end encryption is one key to securing an enterprise’s internal messaging. Read about encryption and other essentials here. This article has been indexed from Security News | VentureBeat Read the original article: How to avoid billion-dollar fines due to unsecured…
New CISO appointments, February 2023
The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the…
Iron Tiger updates malware to target Linux platform
Iron Tiger, an advanced persistent threat (APT) group, has updated their SysUpdate malware to include new features and add malware infection support for the Linux platform, according to a report by Trend Micro. The earliest sample of this version was…
BrandPost: It’s Time to Create More Opportunities for Women in Cybersecurity
Undoubtedly, our industry needs to create more initiatives to attract a more diverse group of professionals—including women—to STEM-focused careers like cybersecurity. While we’ve collectively made some progress on this front, a great deal of work still needs to be done…
HPE to acquire Axis Security to deliver a unified SASE offering
Hewlett Packard Enterprise has agreed to buy cloud security services provider Axis Security, its third acquistion since January, to deliver a unified secure access service edge (SASE) offering. The acquisition is aimed at incorporating the Axis security service edge (SSE)…
Dubai’s Crypto Industry Introduces New Licensing Regulations
The crypto industry in Dubai is witnessing a huge breakthrough since the jurisdiction has recently come up with its new crypto regulatory framework, apparently providing individuals with a concrete licensing regime for their digital asset issues and service vendors. The…
A GoAnywhere MFT hack Exposes Hatch Bank’s Data Breach
Hackers exploited a zero-day vulnerability in Hatch Bank’s internal file transfer software, allowing access to thousands of Social Security numbers from customers, according to Hatch Bank, a digital-first bank that provides infrastructure for fintech companies offering their brand credit…
Crypto Scammer Monkey Drainer Shuts Down Criminal Operations
Cyber threats are not new in the crypto space. The industry has been witnessing advanced cyber security attacks since its inception and even recorded more during the 2022 crypto winter, especially in the DeFi Sector. According to Yahoo Finance, the…
For Your Mid to Large-Sized Firm, Here Are Four Best Cybersecurity Practices
As technology advances and becomes more sophisticated, cybercriminals continue to look for new ways to take advantage of enterprises. A cyber attack could result in financial loss, loss of reputation, and legal repercussions, among other catastrophic and permanent harms.…
Digital Resignation is Initial Stage of Safeguarding Privacy Online
Several internet businesses gather and use our personal information in exchange for access to their digital goods and services. With the use of that data, they can forecast and affect our behavior in the future. Recommendation algorithms, targeted marketing,…
Browser Security report reveals major online security threats
LayerX has published its annual browser security report in which the company highlights the most prominent browser security risks of 2022. The report includes predictions and recommendations for 2023 as well. The […] Thank you for being a Ghacks reader.…
Beware of Bot Malware: Understanding the Dangers and How to Protect Your Computer
How Bot Malware Spreads and Infects Your Computer Bot malware, also known as botnet malware, is a type of malicious software designed to create a network of infected computers or “bots” that can be remotely controlled by a hacker. These…
Best Ways To Change Your Password On A Chromebook
Passwords are the keys to our security on the internet, and thus mustn’t be taken for granted. Thanks to browsers’ options, our passwords can be easily saved, without further need to type […] Thank you for being a Ghacks reader.…
Stay Ahead of the Game: How AI Can Help You Avoid Cybersecurity Traps
I have never been a victim of cyber threats, but from what I’ve heard, the effects are devastating. Cybersecurity officers and consultants work tirelessly to implement security strategies to fight hackers. Artificial […] Thank you for being a Ghacks reader.…
Week in review: LastPass breach, GCP data exfiltration, UEFI bootkit
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google Cloud Platform allows data exfiltration without a (forensic) trace Attackers can exfiltrate company data stored in Google Cloud Platform (GCP) storage buckets without leaving…
Cyberattack on British Retailer WH Smith Exposes Employees` Data
Threat actors breached WH Smith, the 1,700 locations UK retailer, and exposed data belonging to current and former employees. WH Smith has more than 12,500 employees and reported a revenue of $1.67 billion in 2022. What Kind of Data Was…
Chinese Hackers Are Using a New Backdoor to Deploy Malware
This year, the Chinese cyberespionage group Mustang Panda began deploying a new custom backdoor named ‘MQsTTang’ in attacks. This advanced persistent threat (APT), also known as TA416 and Bronze President, targets organizations worldwide with customized versions of PlugX malware. In January…
How Royal Ransomware Could Wreak Havoc on the U.S. Digital Economy
Earlier this year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an advisory regarding the Royal Ransomware gang. The Royal Ransomware group first appeared in the United States in September 2022—the U.S. Health and Human Services Cybersecurity Coordination Center…
Scanning Attack: What It Is and How to Protect Your Organization Against It?
A scanning attack is a method used by threat actors to identify vulnerabilities in a network or system. Scanning attacks typically involve using automated tools to scan for open ports, vulnerabilities, and other weaknesses that can be exploited to gain…
LBB – 39,288 breached accounts
In August 2022, customer data of the Indian shopping site "LBB" (Little Black Book) was posted to a popular hacking forum. The data contained over 3M records with 39k unique email addresses alongside IP and physical addresses, names and device…
Cyber Security Management System (CSMS) for the Automotive Industry
How to use Bitwarden passwords on the go
Bitwarden is a popular password management service. It is available as a web-version, as desktop applications, mobile apps and as browser extensions. Since it is cloud-based, passwords and other data stored in […] Thank you for being a Ghacks reader.…
Play Ransomware gang has begun to leak data stolen from City of Oakland
The Play ransomware gang has finally begun to leak the data stolen from the City of Oakland in a recent attack. The Play ransomware gang has begun to leak data they have stolen from the City of Oakland (California) in…
RADIUS server authentication: Old but still relevant
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. A radius server uses a network protocol for…