Cybersecurity
Category Added in a WPeMatico Campaign
Enterprise software provider TmaxSoft leaks 2TB of data Pierluigi Paganini November 22, 2023 TmaxSoft, a Korean IT company developing and selling enterprise software has leaked over 50 million sensitive records. The 2 TB-strong Kibana dashboard has been exposed for over two years. Cybernews researchers discovered it back in January 2023, noting the set of data […]
There has been a significant decrease in vulnerabilities found in target applications – from 97% in 2020 to 83% in 2022 – an encouraging sign that code reviews, automated testing and continuous integration are helping to reduce common programming errors, according to Synopsys. The report details three years of data (2020 – 2022) derived from […]
Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious ads were tricking victims into downloading this piece of malware under the disguise of a popular application. In an interesting new development, AMOS is now being delivered to Mac users via a fake browser update […]
Britain’s data protection regulator has warned some of the country’s most visited websites that they risk being fined unless they stop coercing visitors into accepting advertising cookies. The Information Commissioner’s Office (ICO) announced on Tuesday that the top websites in the United Kingdom had 30 days to comply with the country’s privacy laws or they […]
The breach, which occurred on May 28, 2023, compromised the data of 184,995 individuals. The company took three months to determine the extent of the breach and notify affected customers.
Despite their best efforts, 67% of businesses say they need to improve security and compliance measures with 24% rating their organization’s security and compliance strategy as reactive, according to Vanta. The expansion of attack surfaces in a post-pandemic hybrid world, combined with shrinking teams and budgets and the rapid rise of generative AI, are fueling […]
Nov 22, 2023NewsroomCyber Espionage / Social Engineering North Korean threat actors have been linked to two campaigns in which they masquerade as both job recruiters and seekers to distribute malware and obtain unauthorized employment with organizations based in the U.S. and other parts of the world. The activity clusters have been codenamed Contagious Interview and […]
This post is also available in: 日本語 (Japanese) Executive Summary Unit 42 researchers recently discovered two separate campaigns targeting job-seeking activities linked to state-sponsored threat actors associated with the Democratic People’s Republic of Korea (DPRK), commonly known as North Korea. We call the first campaign “Contagious Interview,” where threat actors pose as employers (often anonymously […]
Dive Brief: Ahead of the Thanksgiving holiday and Black Friday weekend, retailers are bracing for a surge in cyber activity as threat groups look to disrupt critical supply chains and lure customers in search of deep discounts. Retailers are facing an increased threat from phishing as an initial intrusion vector; threat groups are using social […]