Want to know more about this topic or about us? Contact us!
Events application Peatix this week disclosed a data breach, after user account information reportedly began circulating on Instagram and Telegram. Event-discovery application Peatix has disclosed a data breach, after ads for stolen user-account information were reportedly being circulated on Instagram and Telegram. In a data breach notice to affected users, . . . Read more
Users of the music streaming service were targeted by attackers using credential-stuffing approaches. Subscribers of Spotify streaming music service may have experienced some disruption, thanks to a likely credential-stuffing operation. Credential stuffing takes advantage of people who reuse the same passwords across multiple online accounts. Attackers will use IDs and . . . Read more
The information exposed in a public cloud bucket included PII, church-donation information, photos and users’ contact lists. The Christian faith app Pray.com has leaked private data for up to 10 million people, according to researchers. The app offers “daily prayer and Bible stories to inspire, educate and help you sleep” . . . Read more
A report on the underground economy finds that malicious actors are offering cloud-based troves of stolen data, accessible with handy tools to slice and dice what’s on offer. Cybercriminals are embracing cloud-based services and technologies in order to accelerate their attacks on organizations and better monetize their wares, researchers have . . . Read more
Three major APTs are involved in ongoing compromises at pharma and clinical organizations involved in COVID-19 research, Microsoft says. Three nation-state cyberattack groups are actively attempting to hack companies involved in COVID-19 vaccine and treatment research. Russia’s APT28 Fancy Bear, the Lazarus Group from North Korea and another North Korea-linked . . . Read more
The events giant faces a GDPR-related penalty in the U.K., and more could follow. Ticketmaster’s UK division has been slapped with a $1.65 million fine by the Information Commissioner’s Office (ICO) in the UK, over its 2018 data breach that impacted 9.4 million customers. The fine (£1.25million) has been levied . . . Read more
Animal Jam, just the latest in a string of attacks on gaming apps, has adopted a transparent communications strategy after stolen data turned up on a criminal forum.
Hacker forums are a rich source of threat intelligence. The Dark Web/Darknet continues to be an environment for bad actors to share stolen credentials and discuss successful attacks. In fact, in recent weeks, personal information from places ranging from education organizations to voter databases in the U.S. have been found . . . Read more
Following a Nov. 3 ransomware attack against Campari, Ragnar Locker group took out public Facebook ads threatening to release stolen data. The Ragnar Locker ransomware group has decided to ratchet up the pressure on its latest high-profile victim, Italian liquor conglomerate Campari, by taking out Facebook ads threatening to release . . . Read more
Slapdash setup of Trump website collecting reports of Maricopa County in-person vote irregularities exposed 163,000 voter data records to fraud, via SQL injection. A security flaw on a website set up to gather evidence of in-person voter fraud in Arizona would have opened the door for SQL injection and other . . . Read more