A disgruntled Black Basta ransomware gang member has leaked extensive chat logs containing various details, including phishing templates and cryptocurrency addresses.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Global shipping company Hipshipper used by Amazon, eBay, and Shopify sellers has suffered a data leak exposing over 14 million shipping records containing personal information.
The total take for the Lazarus hackers was over 400,000 ETH and stETH valued at about $1.5 billion in total. The public report of the crypto theft triggered a wave of about 580,000 withdrawal requests. Bybit says that it has weathered that bank run.
U.S. federal authorities have warned about Ghost ransomware attacks targeting various industries, including critical infrastructure, in over 70 countries. “Beginning...
Talos confirms that at least one known Cisco bug, CVE-2018-0171, was likely to have been actively exploited by Salt Typhoon. But the researchers say that the primary approach was to target legitimate existing credentials, likely through a variety of methods.
North Korean hackers are using ClickFix social engineering tactics to compromise devices and perform data exfiltration in a highly focused cyber espionage campaign.
A security breach affecting the AI aggregator platform OmniGPT has leaked the sensitive information of 30,000 individuals including API keys, chat logs, and uploaded files.
A new report from cybersecurity firm Hudson Rock finds that infostealer malware is present on "thousands" of systems belonging to the US military and major defense contractors such as Boeing and Lockheed Martin.
A massive brute force password attack involving 2.8 million IP addresses targets VPN devices from various companies including Palo Alto Networks, Ivanti, and SonicWall.
Behavioral economics offers valuable insights into why humans fall for phishing and social engineering attacks. Bad actors in the world of cybersecurity prey upon these human tendencies to drive actions that put organizations at risk.










