North Korean Hacker Accidentally Hired by Security Firm
KnowBe4, a security firm recently hired a software engineer for its internal AI team that turned out to be a North Korean threat actor, who immediately began loading malware to his company-issued workstation. Although his checks came back clean, the company later realized that he was using a stolen identity and that his photo was […]
Attackers are now able to Bypass ‘Windows Hello’ Authentication
Security researchers have found a downgrade vulnerability in Microsoft’s Windows Hello for Business (WHfB) which is phishing-resistant by default. However, this flaw allows attackers to bypass the authentication. A red team security researcher at Accenture, Yehuda Smirnov, made the discovery last year and reported it to Microsoft who then made a fix available. Read More […]
Claudette McGowan Raises $10M For VC-backed Cybersecurity Firm
Claudette McGowan has a lot of experience in the technology industry designing new approaches to handle services. Her latest venture Protexxa, a Cybersecurity firm, has just raised $10 million dollars. They aim to solve cybersecurity issues by using AI their “Protexxa Defender” identifies, and evaluates the human elements that result in 90 per cent of […]
Cybersecurity Firm Rejects $23 Billion Google Takeover
An Israeli cybersecurity firm, Wiz, rejected a $23 billion acquisition offer from Google. The cybersecurity firm is instead seeking to reach $1 billion in revenue before their IPO. If Wiz had taken up the offer, it would have been Google’s largest ever acquisition. Read More on BBC
CrowdStrike Outage Sparks Global Chaos with Airline, Bank, and other Disruptions
IT outages have been causing over 1,000 flight cancelations and stalling internal and external systems in hospitals, banks, stock exchanges, and other institutions, as some Microsoft-based computers malfunctioned. Read More on ABC News
Rite Aid Ransomware Attack Impacts 2.2M People
Rite Aid Ransomware Attack Impacts 2.2M People Hackers impersonated a Rite Aid employee and stole sensitive customer information, and the hackers are threatening to leak this data if Rite Aid does not pay a ransom within the next few days. Though no SSN, financial, or patient information was impacted, the ransomware group has obtained near […]
AT&T Data Breach Exposes Records of Customers From 2022
AT&T Data Breach Exposes Records of Customers From 2022 AT&T announced that a data breach from April earlier this year revealed the data of “nearly all” of its customers over a 6 month period in 2022. At least one cybercriminal behind the attack has been arrested by the FBI. Read More on TechCrunch
Palo Alto Networks Patches Critical Flaw
Palo Alto Networks Patches Critical Flaw Palo Alto Networks released updates to patch 5 flaws in its Expedition Migration tool. The vulnerability with a 9.3 CVSS score has missing authentication which could lead to a hijacking of the admin account. Read More on The Hacker News
Hacker Uploads 10 Billion Passwords to a Crime Forum
Hacker Uploads 10 Billion Passwords to a Crime Forum After going by the name of ‘ObamaCare’, a hacker was able to post a database that allegedly contains near 10 billion unique passwords. These passwords were collected from multiple hacks and data breaches across many years. Read More on Forbes
Supreme Court Ruling Threatens the Framework of Cybersecurity Regulation
Supreme Court Ruling Threatens the Framework of Cybersecurity Regulation The Supreme Court has struck down a legal principle called the Chevron Doctrine which allows federal agencies to interpret ambiguities in the law. Since most US cybersecurity regulation is delivered through federal agencies rather than directly from Congress, the enforcement of cyber regulation will now be […]
