30 Aug 2019

Malicious websites were used to secretly hack into iPhones for years, says Google

Threat actors may have hacked into thousands of iPhones via an “indiscriminate” attack involving a number of malicious websites, new research by Google shows. The websites were visited by thousands of users per week and according to Ian Beer of Google, “simply visiting the hacked site was enough for the

Read More
30 Aug 2019

Indictment of Capital One suspect alleges breaches of 30 companies, cryptojacking

The US Department of Justice (DoJ) is charging Paige Thompson, the person thought to be behind the massive Capital One data breach, with obtaining unauthorized access to the data of over 30 companies and of launching cryptojacking attacks on compromised company networks. Cryptojacking refers to the illegitimate use of a

Read More
28 Aug 2019

Some employees willing to use company data to snag job at competitor

A recent survey by Gurucul reveals that nearly one in four (24%) security experts would use information of their current company to help their chances of getting a better job at another firm. Some respondents admitted to stealing company data for this purpose by transferring it to a flash drive

Read More
16 Aug 2019

700,000 Choice Hotels records leaked in data breach, ransom demanded

Threat actors claim to have stolen 700,000 records containing personal information of Choice Hotels guests and want the hotel chain to pay 0.4 Bitcoin (over $4,000) for the data that had been stored in an unsecured MongoDB database. The exposed data includes guest names, email addresses, and phone numbers. Last

Read More
15 Aug 2019

Capital One hacker took data from more than 30 companies, new court docs reveal

New court documents relating to the massive Capital One data breach that impacts 106 million people in the US and Canada show that Paige A. Thompson, who is suspected of carrying out the hack, may have also stolen information from over 30 other organizations. US officials stated on Wednesday that

Read More
08 Aug 2019

Smominru hijacks half a million PCs to mine cryptocurrency, steals access data for Dark Web sale

  Carbon Black researchers are tracking a cryptomining campaign that has already infected more that 500,000 machines with Smominru malware that enslaves them into a massive botnet. According to a new report[pdf], the infected machines are used to mine Monero (XMR) and the malware is also capable of “access mining,”

Read More
06 Aug 2019

Secretive ‘Machete’ hacker group steals GBs worth of sensitive files from the Venezuelan military

A cyber espionage group called Machete has been stealing military documents via targeted malware attacks across Latin America, researchers with ESET have discovered. 75% of malware infections impact targets in Venezuela, but the attackers are also going after entities in Ecuador, Colombia, and Nicaragua. According to Matias Porolli of ESET,

Read More
06 Aug 2019

StockX was hacked, exposing millions of customers’ data

E-commerce platform StockX appears to have suffered a massive data breach exposing the personal information of millions of customers. While the stolen information is already for sale on the dark web, the company has yet to acknowledge the incident, according to a TechCrunch report. Last week, StockX reset all user

Read More
05 Aug 2019

As attackers get more creative, mobile threats and attacks increase in both quantity and impact

A new report by Zimperium highlights the growing threat of cyberattacks targeting mobile endpoints. According to the study, device threats affected more than one in four (27%) mobile endpoints in enterprises. Over two-thirds (68%) of malicious profiles involved elevated access that enabled attackers to exfiltrate data or compromise the network.

Read More
05 Aug 2019

FSI organizations are failing to assess their software for security vulnerabilities before release

Organizations in the Financial Services Industry (FSI) are doing a rather poor job at preventing cyberattacks, new research by Synopsys shows. The majority of FSI organizations have suffered a cyberattack that caused system failure and downtime (56%) or have had threat actors steal sensitive customer data (51%). Ransomware infections or

Read More