MetaMask, a popular crypto wallet app, has a default setting, apparently unbeknownst to many users, that automatically writes the recovery seed phrase for the wallet to the user's iCloud backups.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
GitHub says that the OAuth tokens were not stolen via a breach of its own systems, but that dozens of private repositories were accessed. OAuth tokens that were issued to two third-party integrators, Heroku and Travis-CI.
As children spend more time online and engage with devices at an earlier age, it becomes a collective responsibility of parents, teachers, schools, governments, and businesses to help create a safer internet for children.
The Beanstalk attacker managed to get away with $80 million in illicit crypto funds, though the DeFi platform is looking at a total $182 million loss due to remediation and a sharp value drop that sent the token from $1 to 11 cents in value overnight.
Panasonic's Canadian operation suffered a targeted cyber attack with the Conti Ransomware gang taking responsibility and claiming to have stolen 2.8 GB of corporate documents.
Organizations face the challenge of simultaneously streamlining access to valuable data while securing and protecting it. We can meet this challenge by moving to a data-centric security model. This is a transformation, and it only works if the whole organization gets on board with this operating model.
The US Treasury Department has linked North Korea's state-sponsored Lazarus hacking group to the $625 million breach of the Ronin network. The crypto theft was the largest to ever happen to a DeFi platform in terms of unrecovered funds.
The company arranged a payment of $200,000 through a third party, but customer data from the T-Mobile hack was subsequently seen for sale on dark net forums.
US intelligence agencies have issued a public warning indicating that APT groups have developed a "mutli-tool" malware kit that targets a commonly used range of industrial control systems.
Bolstering resistance to devastating electronic attacks requires organizations to take a resilience-oriented approach to cybersecurity. This article offers guidance on a starting point, viewed through the lens of the people, process, and technology dimensions.










