Recent Security News
-
‘Midnight Blizzard’ Breached HPE Email Months Before Microsoft Hack
January 25, 2024 at 02:29PM Russian threat actor “Midnight Blizzard,” also known as Nobelium, breached both Hewlett-Packard Enterprise’s (HPE) and Microsoft’s email environments, exfiltrating data from senior leadership and other segments. Both companies were unaware of the breaches until months later, highlighting the threat’s insidious nature. The attack serves as a sobering reminder of the…
-
Russian TrickBot malware dev sentenced to 64 months in prison
January 25, 2024 at 01:56PM Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his involvement in creating and distributing the Trickbot malware. He pleaded guilty to charges of computer fraud and identity theft, and extradition to the US was completed in October 2021. Dunaev’s role in the…
-
iPhone apps abuse iOS push notifications to collect user data
January 25, 2024 at 01:38PM iOS apps are using push notifications to collect user data, bypassing Apple’s background app activity restrictions and posing a privacy risk for iPhone users. The practice involves transmitting device data to servers, potentially allowing persistent tracking. Apple plans to tighten restrictions on APIs for device signals to mitigate the issue,…
-
Abu Dhabi Investment Firm Warns About Scam Efforts
January 25, 2024 at 01:14PM Abu Dhabi-based investment firm National Investor alerts about fraudulent use of its name, logo, and employee names in online scams promoting fake investment opportunities and tenders. Scams involve soliciting personal, business, financial information. The firm’s warning comes after similar phishing messages impersonating official entities and manipulated search engine results related…
-
Protecting Children’s Data Needs to Be a Priority for All
January 25, 2024 at 01:07PM Summary: Organizations face a challenging cybersecurity landscape with cybercriminals using sophisticated tools to target schools, leading to a 300% increase in breaches. The value of children’s data makes them prime targets for fraud. Stakeholders need to prioritize cybersecurity, with a focus on training, collaboration, government initiatives, enterprise responsibility, and parental…