Blog
-
Russian Crypto Exchanges Have Become a Vital Resource for North Korean Hackers
Report from Chainalysis finds that ties between North Korea’s state-backed APT groups and Russian cyber criminal cartels are deepening. In the past two years North Korean hackers are finding refuge at illicit Russian crypto exchanges to move their funds back home.
-
“Material Impact” From Clorox Cyber Attack to Include Lower First Quarter Results, Product Shortages
Product shortages and worse first quarter results than expected seem to be forthcoming for Clorox. A cyber attack that took place in mid-August caused a substantial ongoing disruption throughout the company.
-
Microsoft AI Researchers Misconfigure Storage Container, Exposing Hoard of Company Information in Data Leak
The core of this data leak is an oversight in creating SAS tokens for sharing purposes. The AI researchers had properly secured the account in all other aspects, but did not seem to realize that a URL shared on GitHub was misconfigured.
-
Password Spray Attacks Become a Potent Tool for Iranian Hackers Targeting Defense Organizations
A team of Iranian hackers that has been active since at least 2012 has been on a recent streak of targeting defense organizations, pharmaceutical companies and other high-value targets using password spray attacks.
-
Vegas Casinos Under Cyber Siege: Caesars Hit With Cyber Attack, Made Ransom Payment Just Before MGM Outages
Caesars Entertainment quietly made a ransom payment to resolve a cyber attack in August, just before rival company MGM was hit. Caesars paid $15 million, and does not appear to have experienced any disruption to its operations unlike MGM.
-
More Zero-Click Zero-Days From the Pegasus Spyware Prompt Apple to Issue New Security Patches
Despite Apple’s increased attention to bolstering iMessage against these sorts of zero-click attacks, the new Pegasus spyware zero-days are once again able to exploit target phones without the user clicking on or interacting with a message in any way.
-
Long Lines, Non-Functional Slot Machines at MGM Casinos After Cybersecurity Issue
After what MGM Resorts is thus far only describing as a “cybersecurity issue,” casinos in Las Vegas and throughout the US have been reduced to manual bookkeeping and reduced services.
-
Microsoft: Chinese Hackers Stole Signing Key via Internet-Facing Debugging Environment
The Microsoft report reveals several security oversights that might have acted as chokepoints to stop the Chinese hackers from successfully using the signing key had they been functioning as intended.
-
Information About Perimeter Security of UK Military Bases Exposed in Third-Party Data Breach
Zaun first reported that no client information was taken, before updating that assessment to disclose that information about military bases was stolen. Data breach was due to a Windows 7 PC in its facilities that was somehow internet-accessible.
-
No Signs of Cyber Insurance Market Becoming More Favorable to Buyers, According to Report
Cyber insurance is still expensive, harder than ever to get, and the situation will probably not change for at least a couple of years. The market is particularly hard on small businesses, who are increasingly being left with inadequate coverage options.