December 28, 2023 at 04:20PM The popular Slay the Spire fan expansion, Downfall, was breached on Christmas Day, distributing the Epsilon information stealer malware via the Steam update system. The compromised package was a prepackaged standalone modified version of the game and not a mod installed via Steam Workshop. The attackers gained control of the … Read more
December 21, 2023 at 02:11PM First American Financial Corporation, the second-largest title insurance company in the U.S., experienced a cyberattack, leading to the shutdown of certain systems. This California-based company, with over 21,000 employees and annual revenue of $7.6 billion, faced a $1 million penalty for cybersecurity violations in 2019. Similarly, Fidelity National Financial also … Read more
December 18, 2023 at 10:03AM Former IT manager of a New Jersey high school, Conor LaHiff, admitted to cyberattacking his ex-employer following termination. He pleaded guilty to unauthorized damage to protected computers, targeting Apple and IT administrator accounts. His actions caused over $5,000 in losses to the school. LaHiff faces up to 10 years in … Read more
December 14, 2023 at 05:03AM The FBI, CISA, and other US government agencies have issued a security advisory about the Karakurt extortion gang, notorious for using harassment and IT exploitation to demand ransoms ranging from $25,000 to $13 million in Bitcoin. The gang uses various tactics and tools to exfiltrate massive amounts of data, with … Read more
December 12, 2023 at 08:48AM A review of the PSNI’s August data breach revealed vast impact on staff, including relocation for safety, mental health decline, and operational consequences. Failings in data protection and governance were highlighted, along with delayed audits and incomplete GDPR requirements. Staff responses varied, with some feeling resilient while others encountered significant … Read more
December 11, 2023 at 07:06AM In today’s digital age, businesses face increasing cyber threats, yet not all can afford a full-time CISO. Enter the vCISO, crucial in establishing and guiding an organization’s cybersecurity. The first 100 days are pivotal, and a five-step playbook offers valuable guidance, covering goals, pitfalls, and key activities to ensure success … Read more
December 11, 2023 at 06:06AM The upcoming webinar “Think Like a Hacker, Defend Like a Pro” unveils the alarming trend of social engineering in cyberattacks. Led by a 20-year veteran in information security, Tim Chase, the session promises expert insights into its evolution, tactics, and effective defense strategies. Don’t miss this valuable opportunity to empower … Read more
November 27, 2023 at 04:38AM The British Library, known for its public knowledge and vast collection of items, recently fell victim to a cybersecurity breach. Ransomware bandits stole HR data and disrupted the institution’s infrastructure, causing inconvenience to researchers and delaying their work. The attack on the British Library is just one of many corporate … Read more
November 25, 2023 at 05:08PM General Electric is investigating a cyberattack where a threat actor breached the company’s development environment and leaked allegedly stolen data. The hacker, known as IntelBroker, attempted to sell access to GE’s development and software pipelines on a hacking forum. They then posted that they are now selling both the network … Read more
November 23, 2023 at 12:03AM New Relic, a web tracking and analytics company, issued a security advisory to its customers about a recent cyber security incident. The advisory urges customers to remain vigilant for suspicious activity, but provides no further details about the nature of the incident. New Relic assures customers that they will be … Read more