Security News

Suspected hackers behind the heist of $14,000,000 worth of cryptocurrency from blockchain tech firm Holograph was arrested in Italy after living a lavish lifestyle for weeks in the country. [...]

A lawsuit has accused a Florida data broker of carelessly failing to secure billions of records of people's private information, which was subsequently stolen from the biz and sold on an online criminal marketplace. California resident Christopher Hofmann filed the potential class-action complaint against Jerico Pictures, doing business as National Public Data, a Coral Springs-based firm that provides APIs so that companies can perform things like background checks on people and look up folks' criminal records.

A large-scale fraud campaign with over 700 domain names is likely targeting Russian-speaking users looking to purchase tickets for the Summer Olympics in Paris. Researchers analyzing the campaign are calling it Ticket Heist and found that some of the domains were created in 2022 and the threat actor kept registering an average of 20 new ones every month.

A large-scale fraud campaign with over 700 domain names is likely targeting Russian-speaking users looking to purchase tickets for the Summer Olympics in Paris. [...]

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Feds scoff at blockchain integrity while software bug said to have been at heart of the matter The US Department of Justice has booked two brothers on allegations that they exploited open source...

Group-IB identified a large-scale malicious campaign primarily targeting job search and retail websites of companies in the Asia-Pacific region. ResumeLooters is confirmed to have stolen several databases containing 2,079,027 unique emails and other records, such as names, phone numbers, dates of birth, and information about job seekers' experience and employment history.

Microsoft, a week after disclosing that Kremlin-backed spies broke into its network and stole internal emails and files from its executives and staff, has now confirmed the compromised corporate account used in the genesis of the heist didn't even have multi-factor authentication enabled. On Thursday, Redmond admitted Midnight Blizzard - a Moscow-supported espionage team also known as APT29 or Cozy Bear - "Utilized password spray attacks that successfully compromised a legacy, non-production test tenant account that did not have multifactor authentication enabled."

The Akira ransomware gang is claiming responsiblity for the "Cybersecurity incident" at British bath bomb merchant. Akira says it has stolen 110 GB of data from the UK-headquartered global cosmetics giant, which has more than 900 stores worldwide, allegedly including "a lot of personal documents" such as passport scans.

Threat actors affiliated with the Democratic People's Republic of Korea (also known as North Korea) have plundered at least $600 million in cryptocurrency in 2023. The DPRK "was responsible for...