Since these are ransomware groups after all, the retirement announcements may well be FUD to cover strategic retreats and rebrands after an extended period of high-level exposure. But at least for the moment some of the world's most significant threats such as Scattered Spider, ShinyHunters, and Lapsus$ appear to be out of the game.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Kering subsidiaries Gucci, Balenciaga, and Alexander McQueen have suffered a massive data breach exposing the personal information of millions of luxury apparel customers.
A new CVE program roadmap outlines planned enhancements, such as better identification and prioritization of the most immediate software threats and additional participation by an assortment of security researchers and open-source experts from around the globe.
Where encryption was once the central aim of ransomware attacks, it has now been relegated to a supporting role, and data exfiltration has become the weapon of choice.
Students are responsible for most school data breaches in the U.K., usually involving compromised, leaked, or weak credentials, setting them up for a life of cybercrime.
Hackers injected malicious code into nearly a dozen 20 NPM packages with billions of weekly downloads in a software supply chain attack after phishing a maintainer’s account.
Meta warns that a WhatsApp vulnerability on Apple devices allowed hackers to target some users with zero-click spyware. WhatsApp describes the zero-day vulnerability as “incomplete authorization of linked device synchronization messages.
Qantas has announced a new compensation policy that reduces executive bonuses for the CEO and their team when damaging cybersecurity incidents take place. The recent data breach will cost Qantas CEO Vanessa Hudson AUD 250,000 of her expected total annual compensation of AUD 6.3 million.
A cyber attack has caused severe operational disruptions across Jaguar Land Rover facilities, affecting production, sales, parts supplies, and auto repair workshops.
An as-of-yet undiagnosed compromise of the Salesloft Drift AI-driven platform has led to a rash of stolen OAuth tokens, in turn creating downstream breaches at some of the biggest names in the cybersecurity industry.










