JD Sports has advised its customers to change their passwords after the discovery of a cyberattack that may have resulted in the exposure of data belonging to 10 million customers. JD Sports notified its users of the breach via email, stating that the attack impacts customers who placed orders between

SentinelLabs recently attributed a new string of attacks targeting East Asian organizations to a threat actor referred to as DragonSpark. SentinelLabs stated that the campaign leverages a rare open-source SparkRAT and malware tools to evade detection through source code interpretation techniques. The techniques are based on the Go programming language.

Microsoft has confirmed that it plans to change its software to automatically block all XLL add-in files that have been downloaded from the internet. The reasoning behind the update is to prevent phishing attacks and malware downloads that rely on these types of lures. Microsoft stated that the plans will

Zendesk, a customer service solutions provider, has suffered from a data breach that occurred due to a SMS phishing attack launched against its employees. At least one employee fell for the phishing attack, enabling the attackers to steal the employee’s credentials. Last week, cryptocurrency trading and portfolio management company Coinigy

The US Government Accountability Office (GAO) released a report last Thursday highlighting federal agencies’ failure to implement cybersecurity recommendations. The GAO found that 60% of the cybersecurity recommendations made by the office since 2010 have not been implemented. The GAO stated that the failure to follow the recommendations results in

The FBI has announced that it confirmed a link between North Korean hackers and the $100 million Horizon Bridge Heist that occurred in June 2022. Horizon bridge is a platform designed to enable cryptocurrency holders to transfer assets between networks such as the Ethereum Network, Binance Chain, Bitcoin, and Harmony’s

An app operated by India’s Education ministry contained a security lapse that resulted in the exposure of personally identifying information belonging to millions of students and teachers. The information was exposed for over a year, the ministry confirmed. The app in question is the Digital Infrastructure for Knowledge Sharing app,

CircleCI has confirmed that a data breach that impacted the integration and delivery platform was the result of an infostealer deployed to an employee’s laptop. The breach occurred on January 4, 2023 and the company identified the incident after detecting the presence of an unauthorized third party. The information stealer

Recorded Future has released a report that describes how the Russian invasion of Ukraine in early 2022 led to a 62% decrease in stolen payment card records. The records were later published to the dark web on cybercrime underground forums. The report details all payment fraud trends and information from

Liquor Control Board of Ontario (LCBO), a Canadian liquor distributor, has announced that it fell victim to a web skimmer that was injected into its online store. The skimmer was used by malicious actors to steal personal information belonging to customers of the site. LCBO is a major distributor of