Blog

New Hacking Forum ‘Exposed’ Unveils Database of Over 478,000 RaidForums Members

In a revealing development, a newly launched hacking forum named ‘Exposed’ has publicly leaked a substantial database from the infamous RaidForums. The disclosure will bring unprecedented insights into the members of the hacking community for both cybercriminals and security researchers.

RaidForums, a notorious hub for hackers who would freely share stolen data to bolster their reputation, was seized in April 2022 in an international operation, which also led to the arrest of its administrator, Omnipotent.

Continue reading “New Hacking Forum ‘Exposed’ Unveils Database of Over 478,000 RaidForums Members”

New York’s Suffolk County Spends $16.4 Million to Recover from Ransomware Attack

Sources familiar with the effects of last year’s ransomware attack on Suffolk County in the state of New York say the incident has forced government officials to spend in excess of $16 million on recovery efforts.

Hackers initially penetrated Suffolk’s computer system on Dec. 19, 2021. As reported by the NY Times, the attackers made their way in by exploiting a flaw in “an obscure but commonplace piece of software” via the county clerk’s office.

Continue reading “New York’s Suffolk County Spends $16.4 Million to Recover from Ransomware Attack”

Hacked DJ’s Twitter account costs cryptocurrency investors $170,000

I know this will come as a shock to many of you, but scammers have once again succeeded in stealing a lot of money from cryptocurrency investors.

The Twitter account of American DJ and electronic music producer Steve Aoki, who is considered something of an “influencer” in the world of cryptocurrency, lies at the heart of the scam.

According to a tweet posted by self-proclaimed blockchain sleuth ZachXBT, a hack of Aoki’s Twitter account cost cryptoinvestors thousands of dollars.

Continue reading “Hacked DJ’s Twitter account costs cryptocurrency investors $170,000”

Parents’ guide: Dangers of music streaming apps for kids

YouTube, Spotify, Pandora and Apple Music are just a few of the popular music streaming platforms used by hundreds of people worldwide, including kids.

Music plays an important role in our wellbeing, and exposing kids to song during their development can improve social skills and literacy and helping strengthen their memory, besides many other benefits.

While music-streaming apps are considered (generally) safe for young kids, there are some potential risks they may be exposed to while browsing for audio content online:

Continue reading “Parents’ guide: Dangers of music streaming apps for kids”

Why Businesses Need Strong Mobile Threat Detection

In an increasingly connected world, smartphones and mobile devices have become an integral part of our lives. They provide convenience, productivity, and connectivity on the go. There are more than 6.8 billion smartphones in use around the world, with many people relying on them not only for personal use, but also in their professional jobs to access company applications, networks, and files. Unfortunately, with this increased reliance comes increased risk as cybercriminals shift their focus to exploit vulnerabilities on these devices. The growth of cybersecurity threats targeting mobile devices and operating systems such as iOS and Android highlights the growing need for businesses to have strong mobile threat detection (MTD) capabilities.    

Continue reading “Why Businesses Need Strong Mobile Threat Detection”

New York Fines Sports Warehouse After Attackers Steal 20 Years’ Worth of Credit Card Data

The State of New York fined online retailer Sports Warehouse after a massive data breach exposed information on more than a million US citizens.

Data breaches are common nowadays, often prompted by an unsecured database, employee negligence or another mundane reason. But the Sports Warehouse incident is noteworthy because the company had been collecting almost 20 years of credit card data from consumers, which it kept in plain text and with a simple password.

Continue reading “New York Fines Sports Warehouse After Attackers Steal 20 Years’ Worth of Credit Card Data”

Attacks Using the Newly Released .ZIP Domain Showcased by Researcher

Following Google’s decision to offer a new wave of eight top-level domains (TLDs), including .zip, a security researcher showed how attackers could use this domain in a phishing scheme.

The TLDs Google made available are .dad, .phd, .prof, .esq, .foo, .zip, .mov, and .nexus. From a cybersecurity perspective, the most interesting one is .zip because it makes way for new attacks.

Security researcher mr.d0x showed how criminals could imitate the looks and functionality of a file-archiving software displayed inside the browser when a user accesses a webpage hosted on a .zip domain.

Continue reading “Attacks Using the Newly Released .ZIP Domain Showcased by Researcher”

ABB Confirms Ransomware Attack

Zurich-based technology giant ABB has issued a public statement to acknowledge that hackers broke into its systems to deploy ransomware.

The Swedish-Swiss multinational is a major player in electrification and automation, serving both the private and public sector, as well as government agencies, including the US Department of Defense.

Earlier this month, news broke out that Black Basta hackers had infiltrated ABB to deploy ransomware. The attack reportedly disrupted the company’s operations, impacting factory operations and delaying various projects.

Continue reading “ABB Confirms Ransomware Attack”

‘Hot Pixel’: New Attack Exploits Modern GPUs and SoCs to Steal Browsing History

A landmark collaboration between the University of Michigan, Ruhr University Bochum and Georgia Tech has discovered a pioneering cyberattack method dubbed “Hot Pixel,” which targets the intricate relationship between graphic processing units (GPUs), modern system-on-a-chip (SoCs) and browser data.

The “Hot Pixel” attack marks a shift from traditional security vulnerabilities, as it exploits data-dependent computation times in GPUs and SoCs to exfiltrate information from Chrome and Safari browsers, even bypassing contemporary side-channel countermeasures.

Continue reading “‘Hot Pixel’: New Attack Exploits Modern GPUs and SoCs to Steal Browsing History”

UK cyber breaches report: 94% of businesses fail to change passwords after a breach. How does this affect you?

The cyber breaches report by the UK government released in April 2023 sheds light on a concerning issue – most businesses don’t change passwords after a breach. The report shows that since their most disruptive breach or attack of the last 12 months, only 6% of businesses and 4% of charities updated passwords.

Continue reading “UK cyber breaches report: 94% of businesses fail to change passwords after a breach. How does this affect you?”