July 8, 2024 at 04:39PM In May 2024, luxury retailer Neiman Marcus experienced a data breach, exposing over 31 million customer email addresses. The breach also compromised sensitive information including names, contact details, and gift card details. Neiman Marcus linked the incident to the Snowflake data theft attacks and negotiations with the threat actor are … Read more
July 5, 2024 at 11:57AM A new ransomware-as-a-service (RaaS) called Eldorado has emerged, targeting both Windows and Linux platforms. The ransomware aims to encrypt files and extort victims. Group-IB researchers have noted the malware’s capabilities and provided defense recommendations, including implementing multi-factor authentication, utilizing endpoint detection, taking regular backups, educating employees, and refraining from paying … Read more
July 1, 2024 at 02:32PM An Australian man has been charged by Australia’s Federal Police for conducting “evil twin” WiFi attacks on domestic flights and airports in Perth, Melbourne, and Adelaide. The man set up fake WiFi networks to steal people’s email and social media credentials, exposing them to potential data theft and other cybercrimes. … Read more
June 25, 2024 at 04:31PM Neiman Marcus’s customer information, including names, contact details, gift card numbers, and more, was stolen and offered for sale on the dark web. While the breach did not include credit card data, it prompted the luxury retailer to disable access to the cloud service, engage cybersecurity experts, and notify law … Read more
May 23, 2024 at 02:59PM A Moroccan cybercrime group, Storm-0539, has evolved the gift card scam by targeting retailer systems to create and cash out gift cards. Utilizing social engineering and phishing, they compromise employee accounts to gain access. Microsoft reports a surge in their activity, advising organizations to adopt stringent security measures to combat … Read more
May 8, 2024 at 01:31PM The FBI warns of Storm-0539, a hacking group targeting retail employees’ personal and work devices with phishing attacks. Once infiltrated, the attackers move laterally through the network to compromise gift card business processes and generate fraudulent gift cards. To defend against these attacks, the FBI advises corporations to review incident … Read more
April 26, 2024 at 07:00AM Endpoints are the gateway to a business’s digital kingdom, making them prime targets for hackers. The IDC reports 70% of successful breaches start at the endpoint. To improve endpoint security, start with the top 10 must-know tips in this guide. Covering strategies like proactive patching and multi-factor authentication, it’s a … Read more
March 8, 2024 at 10:34AM Microsoft discovered that the Russian hacking group ‘Midnight Blizzard’ accessed their internal systems and source code after stealing authentication secrets in January. They gained access using a non-production test account without multi-factor authentication. Microsoft is informing affected customers and increasing security measures to defend against these advanced persistent threats. From … Read more
February 12, 2024 at 05:39AM This article discusses the challenges associated with Incident Response (IR) and the critical role of identifying compromised user accounts in containing and mitigating cyber attacks. It introduces Silverfort’s Unified Identity Protection Platform, highlighting how its real-time Multi-Factor Authentication (MFA) and identity segmentation address blind spots and accelerate the IR process, … Read more
January 26, 2024 at 07:39PM Microsoft confirmed that a Kremlin-backed espionage group, Midnight Blizzard, breached its network through a non-MFA-enabled account, stealing emails and files from executives. The attackers used password spray attacks to gain access and leverage residential networks as proxies. Microsoft is urging the adoption of MFA and enhancing security measures to prevent … Read more