Blog
-
Cyber Events Hold Their Place as Top Risk to Businesses in Annual Survey
The 2024 Allianz survey of top risks set at least one new record for its thirteen-year history: this is the first time that every size of business reported cyber events as their leading concern.
-
Russian Hackers Keeping Busy as HPE Deals With Email Security Breach
The perpetrator of a recent attack on Microsoft also seems to have been behind a December security breach of Hewlett Packard Enterprise (HPE), the second time it hit the company in the space of a year.
-
Data Leaks Become Even More Centralized With “Mother of All Breaches” Spanning 26 Billion Records
The new MOAB is by far the largest COMB or “combo file” spans some 26 billion records in total and seems to include nearly all of the big data leaks of the past decade and beyond.
-
Another Security Breach at Microsoft by Russian State Sponsored Hackers; Does Redmond Have a Defense Problem?
While a break-in by a group of Russian state sponsored hackers might initially seem understandable, the Microsoft security breach was eventually traced back to a simple password spray on a legacy test account with some questionable permissions.
-
Have I Been Pwned Incorporates Huge “Naz.API” Data Set of 70 Million Leaked Credentials
Dataset contains some 24 million email addresses that security researchers say were not previously logged by Have I Been Pwned, and many of the leaked credentials are accompanied by plaintext passwords.
-
Emerging Threat of Crypto Drainers: Inferno Malware Stole $87 Million From 130,000 Victims
Crypto drainers in an “as a service” model burst onto the scene in 2022, but 2023 was the year that they ascended to “major threat” status. Inferno malware is thus far the most successful example in terms of victim count (about 130,000) and stolen assets (about $87 million worth).
-
AI Developers Face an Onslaught of Cyber Threats From Low-Tech Attackers
AI models rely heavily on huge troves of data to train, and according to NIST that presents a serious challenge for the industry that has no easy solutions. The NIST paper goes into impressive detail about all of the cyber threats that can be anticipated at this point, and should be required reading for AI…
-
Bitcoin ETF Debacle Demonstrates the Power of Fake News, Value of Hacked X Accounts
Hackers broke into the SEC’s X account to issue a fake announcement that Bitcoin ETF has been approved, luring major crypto exchanges (and even major news outlets) into signal-boosting the fake news.
-
Customers of Ukraine’s Leading Telecoms Provider May Have Had Accounts Compromised by Russian Hackers in 2023
The operation is thought to have begun in March of last year, and the Russian hackers likely had access from May, but wide-ranging access to the telecoms provider’s full network was established by November.
-
How Much Responsibility for a Data Breach Falls on Password Recycling? According to 23andMe, All of It
23andMe seems committed to “it’s the customer’s fault” as their means of legal defense in the data breach suit, no matter how legally viable it might be or how much PR damage it might do. It will be interesting to see if the company actually improves its position.