Neopets virtual pet website suffered a data breach that allowed hackers to access the platform's source code and personal information of 69 million users. Hacker continues to maintain access after confirmed data breach.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Since June, some ransomware gangs have begun incorporating search functions into their data leak sites, making stolen data more accessible to put added pressure on victims.
MiCODUS MV720 vehicle GPS tracker has sold some 1.5 million units across 169 countries and used in military vehicles, government cars, etc. Of the six serious vulnerabilities, one is a hard-coded password that allows anyone to send commands to the GPS units.
Combining elements of information security, business continuity, and organizational resilience, a cyber resilience strategy can enable rapid recovery from an inevitable attack with little to no operational disruption.
Hackers were impersonating cybersecurity companies by sending phishing emails asking the target to callback to resolve potential network compromise. Victims are then guided to install remote administration tools.
The future of ASM will include the ability to easily access all the information needed to make risk-based business decisions, with both IT and lines of business completely aligned.
Microsoft discovered a coordinated phishing campaign targeting Office 365 users and leveraging an Adversary-in-the-Middle (AiTM) MFA bypass to execute business email compromise (BEC) attacks and commit fraud.
Fake crypto apps have grown to be a significant problem in the United States, with the FBI reporting a flurry of activity since October 2021. The agency has logged at least 244 victims during this period.
Cyber insurance has become fiendishly difficult and extremely expensive to secure and maintain. Businesses looking to obtain cyber insurance would be wise to adhere to the principles of Zero Trust Architecture (ZTA).
The Cyber Safety Review Board finds that the open source community is "under-equipped" to fully deal with the Log4j vulnerability and that it will be making appearances in the wild for "a decade or more."









