The breach, which occurred on May 28, 2023, compromised the data of 184,995 individuals. The company took three months to determine the extent of the breach and notify affected customers.
Despite their best efforts, 67% of businesses say they need to improve security and compliance measures with 24% rating their organization’s security and compliance strategy as reactive, according to Vanta. The expansion of attack surfaces in a post-pandemic hybrid world, combined with shrinking teams and budgets and the rapid rise of generative AI, are fueling […]
Nov 22, 2023NewsroomCyber Espionage / Social Engineering North Korean threat actors have been linked to two campaigns in which they masquerade as both job recruiters and seekers to distribute malware and obtain unauthorized employment with organizations based in the U.S. and other parts of the world. The activity clusters have been codenamed Contagious Interview and […]
This post is also available in: 日本語 (Japanese) Executive Summary Unit 42 researchers recently discovered two separate campaigns targeting job-seeking activities linked to state-sponsored threat actors associated with the Democratic People’s Republic of Korea (DPRK), commonly known as North Korea. We call the first campaign “Contagious Interview,” where threat actors pose as employers (often anonymously […]
Dive Brief: Ahead of the Thanksgiving holiday and Black Friday weekend, retailers are bracing for a surge in cyber activity as threat groups look to disrupt critical supply chains and lure customers in search of deep discounts. Retailers are facing an increased threat from phishing as an initial intrusion vector; threat groups are using social […]
Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks Like the SaaS shadow IT of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot. Employees are covertly using AI with little regard for established IT and cybersecurity review procedures. Considering ChatGPT’s meteoric rise to 100 million users […]
Cryptocurrency trading and investment firm Kronos Research said $26 million worth of cryptocurrency was stolen from its systems following a cyberattack. The company said on Saturday that it experienced “unauthorized access” to some of its application programming interface (API) keys, forcing it to pause trading and begin an investigation. By Sunday, the company confirmed that […]
Organizations are feeling the pressure to rush into generative AI (GenAI) tool usage, despite significant security concerns, according to Zscaler. More than 900 global IT decision makers, although 89% of organizations consider GenAI tools like ChatGPT to be a potential security risk, 95% are already using them in some guise within their businesses. GenAI-related security […]
The vulnerability, known as “Looney Tunables” and tracked as CVE-2023-4911, allows attackers to gain root privileges on major Linux distributions. It affects popular platforms like Fedora, Ubuntu, and Debian.