JD Sports Confirms Breach Affected 10 Million Customers
JD Sports has advised its customers to change their passwords after the discovery of a cyberattack that may have resulted in the exposure of data belonging to 10 million customers. JD Sports notified its users of the breach via email, stating that the attack impacts customers who placed orders between
DragonSpark Hackers Evade Detection With SparkRAT and Golang
SentinelLabs recently attributed a new string of attacks targeting East Asian organizations to a threat actor referred to as DragonSpark. SentinelLabs stated that the campaign leverages a rare open-source SparkRAT and malware tools to evade detection through source code interpretation techniques. The techniques are based on the Go programming language.
Microsoft to Block Excel XLL Add-Ins to Stop Malware Delivery
Microsoft has confirmed that it plans to change its software to automatically block all XLL add-in files that have been downloaded from the internet. The reasoning behind the update is to prevent phishing attacks and malware downloads that rely on these types of lures. Microsoft stated that the plans will
Zendesk Hacked After Employees Fall for Phishing Attack
Zendesk, a customer service solutions provider, has suffered from a data breach that occurred due to a SMS phishing attack launched against its employees. At least one employee fell for the phishing attack, enabling the attackers to steal the employee’s credentials. Last week, cryptocurrency trading and portfolio management company Coinigy
Most Federal Agencies Ignored GAO’s Cybersecurity Recommendations
The US Government Accountability Office (GAO) released a report last Thursday highlighting federal agencies’ failure to implement cybersecurity recommendations. The GAO found that 60% of the cybersecurity recommendations made by the office since 2010 have not been implemented. The GAO stated that the failure to follow the recommendations results in
FBI Confirms North Korean Hackers Behind $100 Million Horizon Bridge Heist
The FBI has announced that it confirmed a link between North Korean hackers and the $100 million Horizon Bridge Heist that occurred in June 2022. Horizon bridge is a platform designed to enable cryptocurrency holders to transfer assets between networks such as the Ethereum Network, Binance Chain, Bitcoin, and Harmony’s
A Major App Flaw Exposed the Data of Millions of Indian Students
An app operated by India’s Education ministry contained a security lapse that resulted in the exposure of personally identifying information belonging to millions of students and teachers. The information was exposed for over a year, the ministry confirmed. The app in question is the Digital Infrastructure for Knowledge Sharing app,
CircleCI Confirms Data Breach Was Caused By Infostealer on Employee Laptop
CircleCI has confirmed that a data breach that impacted the integration and delivery platform was the result of an infostealer deployed to an employee’s laptop. The breach occurred on January 4, 2023 and the company identified the incident after detecting the presence of an unauthorized third party. The information stealer
Russia’s Ukraine War Drives 62% Slump in Stolen Cards
Recorded Future has released a report that describes how the Russian invasion of Ukraine in early 2022 led to a 62% decrease in stolen payment card records. The records were later published to the dark web on cybercrime underground forums. The report details all payment fraud trends and information from
Website of Canadian Liquor Distributor LCBO Infected With Web Skimmer
Liquor Control Board of Ontario (LCBO), a Canadian liquor distributor, has announced that it fell victim to a web skimmer that was injected into its online store. The skimmer was used by malicious actors to steal personal information belonging to customers of the site. LCBO is a major distributor of