Social Media for Disneyland Hit by Account Takeover, Used for Demeaning Messages
Social media accounts belonging to Disneyland were compromised by an unknown party and used to post crude and offensive messages during a brief account takeover.
-
-
North Korean Hackers May Have Used Fake Job Offer To Pull Off Axie Infinity Crypto Theft
Platforms like LinkedIn sometimes make it difficult to filter fake job offers out from legitimate communications. This may have been exploited in the Axie Infinity crypto theft incident.
-
Social Engineering Responsible for Another Data Breach at a Marriott Location, 20GB of Data Stolen
A social engineering attack apparently ensnared a member of the BWI Airport Marriott staff, with the ensuing data breach leaking 20GB of data including credit card information.
-
Hacker Claims Theft of Personal Data of 1 Billion China Citizens From National Police Department, but Samples May Be From Smaller Prior Data Leaks
Hacker raised major alarms by offering the personal data of 1 billion China citizens for sale, but it may originate from prior known data leaks that comprise a much smaller total of records.
-
Series of DDoS Cyber Attacks on Lithuania Appear To Have Come From a Private Group of Russian Hackers
Russian hackers has taken responsibility for a hacking campaign in Lithuania that has seen primarily government services hit by distributed denial of service (DDoS) cyber attacks.
-
Ransomware-as-a-Service Group LockBit Offers Bug Bounty Program for Both Internal and External Vulnerabilities
While this latest gambit from ransomware-as-a-service gang LockBit is likely more of a publicity stunt than a genuine attempt at a bug bounty program, it reflects the comfort level that online criminals have settled into.
-
Crypto Hack of Blockchain Bridge Sees Criminals Exploit a Vulnerability for a Huge Payday
Blockchain bridges, and DeFi in general, struggle with the lack of the kind of “security first” perspective that is necessary in the modern threat landscape. The Horizon crypto hack joins the likes of the breaches of Axie Infinity and Wormhole.
-
Conti Group Dominated Pandemic-Era Ransomware Attacks With Professional Organization Structure
Everything that has been documented about Conti paints a picture of dedicated professionals that made an incredibly lucrative industry out of ransomware attacks. Highly prolific group conducted at least 850 successful attacks since 2020.
-
Security and Privacy Practices on C-Suite Personal Devices Are Poor; 90% Are Unsecured, 25% Are Already Compromised
A new study finds that among a sampling of 1,000 C-suite executives, 90% had no security and privacy protection software installed on their personal devices, and 25% already infected by malware.
-
OT Devices Used in Industrial Control Systems Have Dozens of Hard-to-Fix Vulnerabilities, Study Finds
Study lists a total of 56 vulnerabilities in at least 24 OT devices made by 10 different vendors, including pieces of equipment from big names in industrial control systems.
