Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cyberattacks

alienvault

Chinese fraudsters: evading detection and monetizing stolen credit card information

Apr 4, 2023 By Strawberry Donut In AT&T Cybersecurity

Cyber attacks are common occurrences that often make headlines, but the leakage of personal information, particularly credit card data, can have severe consequences for individuals. It is essential to understand the techniques employed by cyber criminals to steal this sensitive information.

Read Post
sysdig

Proxyjacking has Entered the Chat

Apr 4, 2023 By Crystal Morin In Sysdig

Did you know that you can effortlessly make a small passive income by simply letting an application run on your home computers and mobile phones? It lets others (who pay a fee to a proxy service provider) borrow your Internet Protocol (IP) address for things like watching a YouTube video that isn’t available in their region, conducting unrestricted web scraping and surfing, or browsing dubious websites without attributing the activity to their own IP.

Read Post
idstrong

NCB Management Services Hit By a Cyber Attack Exposing Data for 500,000 Consumers

Apr 4, 2023 By Steven In IDStrong

NCB Management Services is a debt-buying company that acquires debt from other businesses and attempts to collect that debt. The organization works with many major companies, such as Bank of America, and it suffered from a serious data breach recently. Since NCB works with so many major companies, customers of those companies can be put at risk of data loss when their data is lost.

Read Post
Arctic Wolf

The Top Cyber Attacks of March 2023

Apr 3, 2023 By Arctic Wolf In Arctic Wolf
What do public school students, BMW dealers, Canadian defense engineers, and the world’s richest human have in common? They all fell victim to some manner of cybercrime during March. We’ve seen time and time again that no group is off-limits in the world of cybercrime, and the span of attacks we’re covering this month highlights cybercriminals lack of preference when there’s data and money on the line.
Read Post
knowbe4

Mid-Sized Businesses Lack the Staffing, Expertise, and Resources to Defend Against Cyberattacks

Apr 3, 2023 By Stu Sjouwerman In KnowBe4

Mid-sized businesses – those with 250 to 2000 employees – don’t appear to have what they need to fend off attacks in a number of critical ways. Cybersecurity vendor Huntress’ latest report, The State of Cybersecurity for Mid-Sized Businesses in 2023, shows that mid-sized businesses are in a heap of trouble and simply aren’t prepared for an attack: In short, organizations have no internal resources to ensure the organization is improving its state of cybersecurity daily.

Read Post
idstrong

TMX Finance Suffers a Cyber Breach, and Customer Data is Exposed

Apr 3, 2023 By Steven In IDStrong

TMX Finance is a large financial company that specializes in short-term loans for in-need individuals. The company has been in operation since 1998 and runs businesses like InstaLoan, TitleMax, and TitleBucks. The organization maintains more than 900 locations in 14 separate states and employs more than 2,000 individuals overall. This large finance company recently suffered from a cyber attack that exposed some of its customers in a serious way.

Read Post
Featured Post
salt security

A First Look at the Updated OWASP API Security Top 10

Apr 1, 2023 By Yaniv Balmas, VP of Security Research In Salt Security
As the pioneer in API security, Salt Security worked closely with the Open Web Application Security Project (OWASP) to help identify, define, and educate the security community about API security threats. In fact, Salt was a key contributor to the original OWASP API Security Top 10 list, released in 2019. The OWASP API Security Top 10 list has had a tremendous impact on the industry, increasing awareness and educating organizations on the fastest-growing API security threats. Given the significance of this list, Salt has been actively involved in the foundation's updated 2023 mapping. We are thrilled to see the publication of the initial release candidate.
Read Post
splunk

Command and Control: Understanding & Defending Against C2 Attacks

Mar 31, 2023 By Laiba Siddiqui In Splunk
Attackers go through several stages to make an attack successful. And the last line in the defense system they aim to break is the command and control (C2). C2 attacks are a severe threat to organizations of all sizes and types because, if successful, adversaries can steal all your valuable data. To protect against these attacks, you should implement a security framework and robust policies, including technical and organizational measures.
Read Post
Trustwave

Trustwave Action Response: Supply Chain Attack Using 3CX PABX Software

Mar 31, 2023 By Trustwave In Trustwave

On March 29, a massive supply chain compromise in 3CX software resulted in malware being installed globally across multiple industries. It is similar to the other high-profile supply chain attacks (like SolarWinds and Kaseya) in that rather than targeting a single organization, the criminals target a popular service or software provided to many large organizations. With one single compromise of the supplier, dozens and potentially hundreds of organizations may fall in turn.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.