In October 2024, the fantasy sports platform SuperDraft suffered a data breach that exposed over 300k customer records. The breach contained 24GB of data including email addresses, usernames, transactions, latitudes and longitudes, dates of birth and bcrypt password hashes. This…
Tag: EN
Advancements in Machine Identity Protections
The Strategic Importance of Non-Human Identities Are we taking the necessary steps to secure our machine identities, or are we leaving our systems exposed to potential attackers? Non-Human Identities (NHIs) play a critical role in maintaining secure cloud environments. In…
DoJ charged three Russian citizens with operating crypto-mixing services
The U.S. Department of Justice charged three Russian citizens with operating crypto-mixing services that helped crooks launder cryptocurrency. The U.S. Department of Justice (DoJ) charged Russian national Roman Vitalyevich Ostapenko, Alexander Evgenievich Oleynik, and Anton Vyachlavovich Tarasov with operating crypto-mixing…
DEF CON 32 – Porn & Privacy – ET
Author/Presenter: ET Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink The post…
Japan Attributes Ongoing Cyberattacks to China-Linked MirrorFace Group
Japan’s National Police Agency (NPA) and the National Centre of Incident Readiness and Strategy for Cybersecurity (NISC) have officially attributed a prolonged cyberattack campaign targeting Japanese organizations and individuals since 2019 to the China-linked threat actor MirrorFace, also known…
New Variant of Banshee Stealer Targets macOS with Enhanced Evasion Tactics
Cybersecurity researchers have identified a dangerous new version of Banshee Stealer, a sophisticated malware specifically targeting macOS users. This updated strain is designed to bypass antivirus defenses and steal sensitive data from millions of macOS devices. Originally detected in…
India Proposes New Draft Rules Under Digital Personal Data Protection Act, 2023
The Ministry of Electronics and Information Technology (MeitY) announced on January 3, 2025, the release of draft rules under the Digital Personal Data Protection Act, 2023 for public feedback. A significant provision in this draft mandates that parental consent must…
Fake CrowdStrike Recruiters Distribute Malware Via Phishing Emails
SUMMARY Cybercriminals are deploying a tricky new phishing campaign impersonating the cybersecurity firm CrowdStrike‘s recruiters to distribute a… This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read the original article: Fake CrowdStrike Recruiters…
Guardians Of the Grid
The surge in cyberattacks and the emerging role of Generative AI The importance of cyber security tools in protecting sensitive information, sustaining organization’s resilience and enabling business continuity during hostile… The post Guardians Of the Grid appeared first on Cyber…
Mapping Out Your Enterprise Digital Footprint to Avoid Cyber Risks
Most people have an approximate idea of what a digital footprint is. They know that it’s got something to do with the impact a person’s identity has on the internet. What most don’t realise is the potential extent of a…
California Man Sues Banks Over $986K Cryptocurrency Scam
Ken Liem, a California resident, has filed a lawsuit against three major banks, accusing them of negligence in enabling a cryptocurrency investment scam. Liem claims he was defrauded of $986,000 after being targeted on LinkedIn in June 2023 by a…
Fake PoC Exploit Targets Cybersecurity Researchers with Malware
A fake proof-of-concept (PoC) exploit designed to lure cybersecurity researchers into downloading malicious software. This deceptive tactic leverages a recently patched critical vulnerability in Microsoft’s Windows LDAP service (CVE-2024-49113), which can cause denial-of-service attacks. This article has been indexed from…
Exploring CVSS 4.0’s Impact on Vulnerability and Threat Management
The Common Vulnerability Scoring System (CVSS) offers a standardized framework for characterizing and scoring vulnerabilities, helping the effort for vulnerability risk assessment. The release of CVSS 4.0 in November 2023 marked a… The post Exploring CVSS 4.0’s Impact on Vulnerability and Threat…
The Case of Email Spoofing: How to Identify And Avoid Email Attacks
Email has a lot going for it. It’s quick, easy, and incredibly widely used. However, just like every other remote form of communication, it faces a glaring challenge. How can an email recipient be absolutely sure that the email is…
Threat Modeling Processes and Methods That Strengthen Cybersecurity
It’s dangerous out there. Cybersecurity threats are rampant and a system that doesn’t have adequate protection is a system that is welcoming attack. This is as true of a banking app as of a cloud PBX system. Thankfully, there are…
U.S. cannabis dispensary STIIIZY disclosed a data breach
US marijuana dispensary STIIIZY warns customers of leaked IDs and passports following a November data breach. US marijuana dispensary STIIIZY disclosed a data breach after a vendor’s point-of-sale system was compromised by cybercriminals. The security breach exposed customer data and…
Understanding User Behavior Monitoring for Stronger Cybersecurity
The stark reality is that cyberattacks are no longer distant threats. In 2024, they pose a real and immediate risk to every business. In fact, last year we saw a 72% rise in security breaches when compared to 2021, which…
Muddling Meerkat Linked to Domain Spoofing in Global Spam Scams
Infoblox cybersecurity researchers investigating the mysterious activities of ‘Muddling Meerkat’ unexpectedly uncovered widespread use of domain spoofing in malicious spam campaigns. This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read the original article:…
A novel PayPal phishing campaign hijacks accounts
Fortinet warns of a phishing campaign using legitimate links to hijack PayPal accounts, tricking users into granting unauthorized access. Fortinet uncovered a phishing campaign targeting PayPal users. The scheme employs legitimate links to deceive victims and gain unauthorized access to…
Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
Microsoft has revealed that it’s pursuing legal action against a “foreign-based threat–actor group” for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content. The tech…