November 28, 2023 at 09:06AM Amir Hossein Golshan, a cybercriminal from Los Angeles, has been sentenced to 96 months in prison for engaging in multiple cybercrime schemes. He caused approximately $740,000 in losses to hundreds of victims through online scams and unauthorized account access. Golshan used SIM swapping to take control of victims’ social media … Read more
November 28, 2023 at 08:06AM A design flaw in Google Workspace’s domain-wide delegation (DWD) feature poses a serious security risk, allowing threat actors to gain unauthorized access to Workspace APIs. The flaw, called DeleFriend, can be exploited by manipulating existing delegations in Google Cloud Platform and Workspace. It enables theft of emails, data exfiltration, and … Read more
November 27, 2023 at 10:04AM Insider threats refer to the risk of authorized individuals with access to an organization’s systems or sensitive information exploiting that access in malicious ways, such as data theft, sabotage, unauthorized access, or introducing malware. Detecting and preventing such threats can be challenging because perpetrators often have legitimate credentials. Effective strategies … Read more
November 21, 2023 at 02:41PM A former executive from a healthcare network security firm pleaded guilty to intentionally compromising a Georgia hospital network for sales purposes. He gained unauthorized access to the phone system, causing it to go offline and accessed sensitive patient information. He also sent a message to printers on the network. He … Read more
November 20, 2023 at 04:36AM Between 2011 and 2015, Bitcoin wallets are vulnerable to an exploit called Randstorm that allows unauthorized access. Approximately 1.4 million bitcoins may be affected. Customers can check if their wallets are at risk on www.keybleed.com. The vulnerability stems from the use of BitcoinJS, an open-source JavaScript package for cryptocurrency wallets. … Read more
November 7, 2023 at 01:55PM Active cyberattacks targeting unpatched Atlassian Confluence Data Center and Server technology have increased the vulnerability’s CVSS score from 9.1 to 10, the most critical rating. All versions of Atlassian Confluence Data Center and Server are affected, except for cloud instances. The attacks exploit an improper authorization flaw, allowing unauthorized access … Read more
November 7, 2023 at 09:41AM Marina Bay Sands luxury resort and casino in Singapore has disclosed a data breach affecting 665,000 customers. The breach, discovered on October 20, allowed unauthorized access to personal data belonging to members of the resort’s loyalty program. Exposed information includes names, email addresses, phone numbers, and membership details. The breach … Read more
October 25, 2023 at 10:07AM Satellite systems play a critical role in communication, weather monitoring, navigation, and more, but they face numerous threats to their security and integrity. To address these challenges, a robust cybersecurity framework is needed, utilizing the NIST Cybersecurity Framework (CSF) steps: identify, protect, detect, respond, and recover. It is important to … Read more