Uber suffers new data breach after attack on vendor, info leaked online
Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset…
DHS Cyber Safety Board to review Lapsus$ gang’s hacking tactics
The Department of Homeland Security (DHS) Cyber Safety Review Board will review attacks linked to an extortion group known as Lapsus$, which breached…
MFA Fatigue attacks are putting your organization at risk
A common threat targeting businesses is MFA fatigue attacks—a technique where a cybercriminal attempts to gain access to a corporate network…
Cookies for MFA Bypass Gain Traction Among Cyberattackers
Multifactor authentication has gained adoption among organizations as a way of improving security over passwords alone, but increasing theft of…
Why CVE Management as a Primary Strategy Doesn’t Work
With only about 15% of vulnerabilities actually exploitable, patching every vulnerability is not an effective use of time.
Brazilian Police Nab Suspected Member of Lapsus$ Group
Lapsus$ Group became a top target after it breached the Brazilian Ministry of Health, among other targets.
Why Don’t CISOs Trust Their Employees?
Executives fear "malicious insiders" as top cyber threat to companies, research shows. Reasonable steps to secure and monitor systems may…
Should Hacking Have a Code of Conduct?
For white hats who play by the rules, here are several ethical tenets to consider.
UK Police arrests teen believed to be behind Uber, Rockstar hacks
The City of London police announced on Twitter today the arrest of a British 17-year-old teen suspected of being involved…
Threat Actor Abuses LinkedIn’s Smart Links Feature to Harvest Credit Cards
The tactic is just one in a constantly expanding bag of tricks that attackers are using to get users to…