January 18, 2024 at 11:03AM Infostealer malware poses a significant risk to corporate information security by stealing credentials, cookies, and other data, leading to data breaches and ransomware distribution. Leaked credentials from breaches and infostealers are a substantial threat, prompting organizations to monitor and defend against them. Flare offers a solution to detect and mitigate … Read more
January 18, 2024 at 08:03AM Multi-factor authentication (MFA) is increasingly used by organizations to bolster security, as traditional password-only systems are vulnerable to cyberattacks. However, MFA spamming, a tactic where attackers inundate users with verification requests, poses a threat. Mitigation strategies include strong password policies, end-user training, rate limiting, and monitoring systems. Strengthening security measures … Read more
January 8, 2024 at 10:51AM Organizations must rethink helpdesk security in light of the MGM Resorts hack. Attackers used social engineering to impersonate an employee, bypassed verification systems, and executed a ransomware attack. Helpdesk training, multi-factor authentication, and secure communication channels are crucial for preventing such incidents. Specops Secure Service Desk offers advanced employee verification. … Read more
January 4, 2024 at 01:34PM According to 23andMe’s legal representatives, the data disaster in October was allegedly caused by users’ poor password practices, while the biotech company’s infrastructure management was not to blame. The company pointed to users recycling compromised credentials as the main reason for the security breach. This response has been widely criticized … Read more
January 3, 2024 at 12:22PM LastPass now requires all users to create a 12-character master password for increased security. They will also check passwords against breached credentials and enforce multi-factor authentication. These changes were prompted by security breaches in 2022 that led to stolen customer data. LastPass is emailing customers about these updates, impacting millions … Read more
December 21, 2023 at 01:08PM Security strategies often lag behind offensive attack tactics, leaving companies vulnerable to evolving threats. The help desk is particularly at risk, as cybercriminals target it to gain network access. Many companies lack robust validation procedures for help desk requests, making them susceptible to social engineering attacks. Strong security measures are … Read more
December 19, 2023 at 06:51AM Comcast’s Xfinity informed customers of a cybersecurity breach due to the CitrixBleed vulnerability, compromising usernames, passwords, and personal information. Despite promptly patching the flaw in its systems, the breach was confirmed, prompting password resets and multi-factor authentication. The CitrixBleed vulnerability has been implicated in numerous global attacks, affecting various organizations. … Read more
December 18, 2023 at 11:29AM The FBI, CISA, and ASD’s ACSC jointly warn that the Play ransomware gang has targeted approximately 300 organizations globally between June 2022 and October 2023, impacting critical infrastructure. The group employs unconventional tactics, including stealing sensitive data and using a custom VSS Copying Tool. Organizations are urged to address vulnerabilities … Read more
December 17, 2023 at 04:48PM Database company MongoDB reported a hack of its corporate systems, disclosing that customer account metadata and contact information were part of the stolen data. The company detected suspicious activity on December 13th and confirmed later that hackers had access to its systems before discovery. MongoDB recommended customer vigilance against potential … Read more
December 17, 2023 at 12:24AM On Dec 13, 2023, MongoDB detected unauthorized access to its systems, leading to exposure of customer data. The company recommends customers to watch out for social engineering and phishing attacks, enforce MFA, and rotate their MongoDB Atlas passwords. Additionally, MongoDB is experiencing login issues, unrelated to the security event. Further … Read more