Security
Google mitigates largest DDoS attack to date
Google said that it mitigated the largest DDoS attack ever in August, peaking at 398 million requests per second, or more than the total number of article views Wikipedia reported in a month.
Read more about Google mitigates largest DDoS attack to date
Exposed security cameras in Israel and Palestine posing significant risks
Many poorly configured security cameras are exposed to hacktivists in Israel and Palestine, placing the owners using them and the people around them at substantial risk.
Read more about Exposed security cameras in Israel and Palestine posing significant risks
Titans in crisis: unraveling the MGM and Caesars ransomware timeline
MGM Resorts International and Caesars Entertainment made headlines in Las Vegas, stealing the spotlight in 2023 as the new poster child for corporate ransomware attack victims. How did this incident unfold, who is responsible, and what are the future implications?
Read more about Titans in crisis: unraveling the MGM and Caesars ransomware timeline
Ten most common cyber security misconfigurations, as revealed by the NSA and CISA
According to an advisory by the US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA), systemic weaknesses in large organizations are “all too common” and leveraged by multiple malicious actors. The agencies have compiled a list of the top ten cybersecurity misconfigurations.
Read more about Ten most common cyber security misconfigurations, as revealed by the NSA and CISA
MGM cyberattack cost over $100M in losses
MGM Resorts International is estimating last month's cyberattack – which forced the hotel and gaming giant to completely shut down its systems for nearly a week – will take a $100m dollars hit to its third-quarter results, but expects no impact on yearly profits.
Read more about MGM cyberattack cost over $100M in losses
Zero-day bugs: what they are and how to defend against them
The MOVEit Transfer attacks have made it abundantly clear that zero-day vulnerabilities and other flaws can cause millions of dollars in damage. However, the only way to avoid bugs is to properly understand them.
Read more about Zero-day bugs: what they are and how to defend against them
Blue teams on the edge: cyber pros seem to hate their jobs
If you’re interested in cybersecurity and looking for information online, chances are you’ll end up in the Reddit community of cyber pros. Users in the forums are known to openly share frustrations about their jobs, companies, and colleagues – highlighting the fact that “blue” teams have many common problems.
Read more about Blue teams on the edge: cyber pros seem to hate their jobs
Seaports in India were left vulnerable to takeover by hackers
The National Logistics Portal (NLP), a newly launched platform to manage all port operations in India, left public access to sensitive data, posing the risk of a potential takeover by threat actors.
Read more about Seaports in India were left vulnerable to takeover by hackers
Misconfigured WBSC server leaks thousands of passports
The World Baseball Softball Confederation (WBSC) left open a data repository exposing nearly 50,000 files, some of which were highly sensitive, the Cybernews research team has discovered.
Read more about Misconfigured WBSC server leaks thousands of passports
DarkBeam leaks billions of email and password combinations
The leaked logins present cybercriminals with almost limitless attack capabilities.
Read more about DarkBeam leaks billions of email and password combinations
Canadian Flair Airlines left user data leaking for months
Canadian Flair Airlines left credentials to sensitive databases and email addresses open for at least seven months, the Cybernews research team has discovered. This increases the risk of passengers’ personal information, such as emails, names, or addresses, ending up in the wrong hands.
Read more about Canadian Flair Airlines left user data leaking for months
MGM and Caesars-like phishing campaign continues targeting luxury hotels
Luxury hotels remain the major target of a “well-crafted and innovative” social engineering campaign, cybersecurity experts warn.
Read more about MGM and Caesars-like phishing campaign continues targeting luxury hotels
Facebook live streaming fakes used as lure by phishers
The World Sailing Championships were recently spoofed by scammers on Facebook, who used fake offers of free live streaming to fool the unwary.
Read more about Facebook live streaming fakes used as lure by phishers
Space and defense tech maker Exail Technologies exposes database access
Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases.
Read more about Space and defense tech maker Exail Technologies exposes database access
Proton Pass security flaw exposed: Firefox users at risk
A password manager by Swiss-based company Proton is still storing data in plaintext. Patch is on the way.
Read more about Proton Pass security flaw exposed: Firefox users at risk
PwC Nigeria tech bootcamp IDs exposed
Participants in PricewaterhouseCooper’s (PwC) Nigeria Tech Talent Bootcamp are at risk of identity theft after private data was leaked from a misconfigured Amazon Web Services account, a Cybernews investigation reveals.
Read more about PwC Nigeria tech bootcamp IDs exposed
Microsoft AI research team allegedly leaks 38TB of private data
A disk backup of two employees’ workstations were also included in the leaked data, researchers at cloud security company Wiz said.
Read more about Microsoft AI research team allegedly leaks 38TB of private data
Brits in dark about dark web, study shows
One in seven Brits have had personal data leaked in the past year but few can tell what the dark web is, according to new research.
Read more about Brits in dark about dark web, study shows
Dangerous permissions detected in top Android health apps
Leading Android health applications expose users to avoidable threats like surveillance and identity theft, due to their risky permissions. Cybernews has the story.
Read more about Dangerous permissions detected in top Android health apps
Third of Americans use password managers
Increased cybersecurity risks may have sharpened some Americans’ attention to password management – but most still rely on memorization or handwritten notes, a practice criticized by many cybersecurity experts.
Read more about Third of Americans use password managers
