Recent Security News
-
US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website
November 17, 2023 at 11:15AM Wisconsin teenager Joseph Garrison has pleaded guilty to his involvement in hacking a fantasy sports and betting website. Garrison launched a credential stuffing attack, gaining access to approximately 60,000 user accounts. Together with others, he stole around $600,000 from 1,600 victim accounts. Garrison faces up to five years in prison…
-
In Other News: Major Law Firm Hacked, Chinese Bank Pays Ransom, PyPI Security Audit
November 17, 2023 at 11:15AM SecurityWeek’s weekly roundup highlights several cybersecurity stories. The world-renowned law firm Allen & Overy experienced a data breach by the LockBit ransomware group. The largest bank in China, Industrial and Commercial Bank of China, allegedly paid a ransom to the LockBit gang. Europol aided in the takedown of a vishing…
-
FCC Tightens Telco Rules to Combat SIM-Swapping
November 17, 2023 at 11:15AM The FCC has introduced new rules requiring wireless carriers in the US to give consumers more control over their mobile phone accounts to combat the rise in SIM-swapping and port-out fraud. Carriers must now notify customers of any SIM transfer requests to prevent cybercriminals from carrying out fraudulent activities. The…
-
Google: Hackers exploited Zimbra zero-day in attacks on govt orgs
November 17, 2023 at 11:11AM Threat actors exploited a zero-day vulnerability in Zimbra Collaboration email server to steal sensitive data from government systems in multiple countries. The vulnerability, known as CVE-2023-37580, allowed the hackers to perform email forwarding, steal credentials, and lead victims to phishing pages. The attacks took place before Zimbra released an official…