According to LastPass CEO Karim Toubba, the password manager has been hacked once again. A data breach occurred in the development environment only a few months ago, prompting LastPass to announce they had experienced a security breach on August 25, 2022. LastPass disclosed to its customers that a developer account was compromised. At the time, only portions of LastPass' source...
The new security-focused data lake solution from Amazon Web Services (AWS), unveiled at re:Invent 2022, aims to give consumers more value from their security data. The Amazon Security Lake service aims to consolidate an organization's security data from various on-premises and cloud-based sources into a single location to pinpoint security threats precisely. With the help of Amazon Security Lake, based...
While artificial intelligence (AI) is seen as a new phenomenon in mainstream society, it is not a new concept. As AI technologies increase, AI is becoming increasingly important for companies looking to stay competitive. What is AI Artificial intelligence is a broad term for any computer software that engages in human-like activities. This includes learning, planning, and problem-solving. Machine Learning...
The FBI warns about scammers pretending to be refund payment gateways from financial institutions to steal sensitive information from unsuspecting victims. The federal law enforcement agency stated that scammers deceive victims into granting them access to their computers via email or phone calls by posing as representatives of technical or computer repair companies. According to the FBI, scammers typically start...
Earlier this year, Twitter confirmed that an API vulnerability had caused a massive data leak containing non-public information for over 5.4 million Twitter users. Twitter denied claims that hackers had leaked the private information priorly. However, Pompompurin, the owner of the hacking forum Breached, stated they were responsible for exploiting the API bug and platforming the data after another hacker shared...
Threat actors may now launch their own sophisticated assaults thanks to the emergence of Phishing as a Service (PhaaS) platforms like "Caffeine." Through an open registration procedure, anyone who wishes to launch their phishing campaign can sign up on these platforms. Security experts at Mandiant discovered the first sighting of these threats while investigating a large-scale phishing campaign. The purpose...
Data allegedly stolen from Cincinnati State Technical and Community College has been leaked after Vice Society attacked the campus. Many of the stolen documents were posted on the hackers' websites. These documents date from several years ago until November 24, 2022, suggesting that threat actors still have access to the compromised systems, but this has not been confirmed. The leaked files...
According to cybersecurity experts at Cisco Talos, Microsoft Office has a high-severity vulnerability that could allow prospective cyber attackers to execute malicious code on the target device remotely. Microsoft announced the issue in a brief blog post, stating that its researcher Marcin 'Icewall' Noga had identified a class attribute double-free vulnerability impacting Microsoft Excel. The victim would give the attacker...
In a massive malicious SEO campaign, cybercriminals are promoting low-quality Q&A sites by redirecting visitors to fake discussion forums. As a result, almost 15,000 sites have been compromised. In September 2022, researchers at Sucuri discovered the attacks. Each compromised site was found to contain approximately 20,000 files that were utilized in the search engine campaign. Researchers believe that the goal...
Security experts at Akamai have discovered a campaign that uses an elaborate phishing kit. This campaign targets Americans using lures centered around holidays like Labor Day and Halloween. The kit combines several methods and employs several evasion detection techniques to prevent non-victims from visiting its phishing pages. One of the most intriguing aspects of the kit is a token-based method...
