Threats & Breaches
Maropost customer database exposes 95 million email records
A leaky online database belonging to marketing and email delivery provider Maropost was found lacking minimum security measures, exposing 95 million email records belonging to their customers. Researchers from Cybernews stumbled on ...
UK Cyber Body Offers Practical Guidelines on Dealing with Coronavirus-Themed Cyber Threats
The National Cyber Security Centre, the UK’s independent authority on cybersecurity, has released practical advice for individuals and organizations on how to deal with coronavirus-related malicious cyber activity. In a joint announcement ...
Contrast Labs: Mapping Risk Profiles for Select OWASP Top 10 Vulnerabilities to Understand Their AppSec Risk
At Contrast Security, the Contrast Labs team is charged with numerous things. Part of this charter includes looking at threat intelligence and understanding the true threat landscape. This encompasses risks that different ...
Social Engineering Attacks: A Look at Social Engineering Examples in Action
Social engineering is a commonly used tactic that was used in 33% of data breaches in 2018, according to Verizon’s 2019 Data Breach Investigation Report — here’s what social engineering... The post ...
Bad actor steals $250,000 from Bisq users after faulty security patch
Bisq, a decentralized crypto exchange network, was forced to disable trading on Tuesday after the discovery of a critical security vulnerability. The open source peer-to-peer application allows Bitcoin aficionados to buy or ...
Report Details COVID-19 Phishing Attacks Based on Emails From White House
COVID-19 phishing attacks are taking twist by impersonating messages from the White House. Research published by INKY, a provider of tools for identifying phishing attacks using machine learning algorithms and advanced analytics, ...
Surge in Online Shopping Drives Major Increase in Coronavirus-Themed Fraud Attempts
Attempts to defraud consumers are on the rise, as scammers exploit the surge in online activity during the COVID-19 lockdown. Merchants are starting to suffer dramatic increases in COVID-19-related phishing activities, with ...
What Security Leaders Should Consider When Building a Business Case for Integrity Monitoring
We all know there are a number of different security devices that need to be continually monitored because they represent attack vectors. That’s why understanding configuration management is critical to security hygiene ...
Why “Shift Left” in DevOps is really “Shift Center”
In an industry full of acronyms and buzz words, the term “shift left” surfaced as a result of organizations waiting to perform software security testing until the end of the development process ...
Data on 600,000 Email.it users for sale on dark web after email provider refuses to pay bounty
Email.it, an Italian email provider, has recently confirmed that it was breached, confirming suspicions raised after an announcement posted by the NN Hacking Group on its Twitter account on April 5. Data ...
