Hot Topics

Threats and Breaches

Stay current with latest developments in the hacking world. Explore topics, ranging from threats and breaches including data breaches to password hacks to malware. Readers can find posts updated hourly covering incidents around the world authored by some of leading experts and contributors in Cybersecurity industry.

U.S. Capitol Dome at sunset

House Passes Privacy-Preserving Bill, but Biden Blasts it

| | 4th Amendment, adtech, Advertising and AdTech, Biden, Biden administration, Biden-Harris, Congress, congressional legislation, Data Broker, Data broker regulations, Data Brokers, foreign adtech, Fourth Amendment, Fourth Amendment is Not For Sale Act (FANFSA ), H.R. 4639, House of Representatives, Joe Biden, national security, national security policy, President Biden, SB Blogwatch, US Congress, White House
Are you a FANFSA fan? The White House isn’t. It says the bill “threatens national security.” ...
Security Boulevard
Get a demo

Roku experiences another data breach; Apple notifies users about mercenary spyware attacks

| | Data breaches, Hacking, research, Thursday Threats
It’s rare to see a data breach study observers call a “mixed bag.” Normally, reports on data breaches are grim, touting how each year was a record high for the number of ...
BlackCloak | Protect Your Digital Life™

Potential Risk Indicator Decay and Insider Risk Management

| | Dtex Systems, insider risk, Insider Risk Management, insider threat, pri, pri decay
Who among us hasn’t received an answer to what we thought was a precise question with, “it depends” and our mind remains befuddled. Potential Risk Indicators are like that: on the surface ...
DTEX Systems Inc
Screenshot of bribery SMS spam

SIM Swappers Try Bribing T-Mobile and Verizon Staff $300

| | 2fa, 2FA bypass, 2FA Flaws, 2FA policies, 2FA/MFA, bypass 2FA, Industry Insider, Insider, Insider attack, Insider Attacks, insider breach, Insider Fraud, insider risk, malicious social engineering, MFA, MFA hacks, , MFA Methods, Multi-Factor Authentication, Multi-Factor Authentication (MFA), Multifactor Authentication, SB Blogwatch, SIM swap, sim swap fraud, SIM swap scams, SIM swapping, sms scam, SMS scams, SMS Spam, SMS Spamming, social engineeering, T-Mobile, t-mobile breach, t-mobile data breach, T-Mobile hack, two factor authentication, two-factor-authentication.2fa, verizon, verizon data breach, Verizon Wireless
Not OK: SMS 2FA — Widespread spam targets carrier employees, as scrotes try harder to evade two-factor authentication ...
Security Boulevard
Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens'

Devs flood npm with 15,000 packages to reward themselves with Tea ‘tokens’

| | malware prevention, Nexus Firewall, OSS security, Sonatype Repository Firewall, Vulnerabilities
We have repeatedly come across cases involving open source registries like npm and PyPI being flooded with thousands of packages in a short span of time. Typically, such surges in publishing activity ...
Sonatype Blog

CSBR Slams Microsoft Over Storm-0558 Attacks | Key Insight

| | Cloud Security, CSBR, cyber attacks, cyber defense, Cybersecurity, Cybersecurity News, Data breach, Incident Response, Microsoft, nation state threats, risk management, Security Lapses, Storm-0558, Technology Industry, Vulnerability Management
In recent news, the U.S. Cyber Safety Review Board (CSBR) has raised concerns over Microsoft’s handling of the Storm-0558 attacks, highlighting significant security lapses that allowed a China-based nation-state group to breach ...
TuxCare
Critical RCE Vulnerability in 92,000 D-Link NAS Devices

Critical RCE Vulnerability in 92,000 D-Link NAS Devices

| | cyber attacks, Cyber Security, Cyber-attack, D-Link NAS Devices, Network Security, vulnerability, vulnerability scanning
Cyber attacks have become increasingly prevalent. This has caused significant adverse impacts on businesses of all sizes. According to the latest Ponemon Institute’s State of Cybersecurity Report, 66% of respondents reported experiencing ...
Kratikal Blogs
credential stuffing password

Roku: Credential Stuffing Attacks Affect 591,000 Accounts

| | credential stuffing attack, , Roku
Almost 600,000 Roku customers had their accounts hacked through two credential stuffing attacks several weeks apart, illustrating the ongoing risks to people who reuse passwords for multiple online accounts. The streaming service ...
Security Boulevard

A Step-by-Step Video Guide to Using Fortra VM

| | Cybersecurity, Videos, Vulnerability Management
The post A Step-by-Step Video Guide to Using Fortra VM appeared first on Digital Defense ...
Digital Defense

LayerSlider Plugin Flaw Exposes 1M Sites To SQL Injections

| | CVE-2024-2879, Cybersecurity, Cybersecurity News, Data breach, exploitation, LayerSlider Plugin, patch management, security flaw, sql injection, threat actors, vulnerability, vulnerability assessment, Website Protection, Website Security, wordpress security
Recent media reports have revealed a crucial LayerSlider plugin flaw. According to these reports, this flaw has exposed numerous WordPress sites to SQL attacks and infections. If exploited, the flaw allows users ...
TuxCare
Load more