JD Sports Sportswear Retailer have suffered a cyber attack that exposed the data of 10 million customers accessed by backers in the attack. The personal data which was exposed includes customer’s names, email addresses, contact details and passwords.

Search engines automatically create a business listing based on publicly available information, but they permit business owners to override this automatic listing by publishing their own. This listing may include business hours, slogan, geographical location, a website link, contact information, reviews, and images. Business owners are also permitted to respond to reviews. Recently, Sedara has seen incidents in which the attacker claims control over a business listing that they do not own.

The latest on ESXiArgs ransomware attacks, new QakNote attacks pushing QBot malware via Microsoft OneNote files, and Biden’s attention to data privacy in the State of the Union.

Arguably nothing in tech has changes the landscape more than ‘as a Service’ offerings, the subscription-based IT service delivery model, In fact, the ‘as a Service’ offering has made its way into the cybercrime landscape. And cybercrime, for its part, has evolved beyond a nefarious hobby — today it’s a means of earning for cybercriminals.

A brute force attack is an attempt to reveal passwords and login credentials in order to gain access to network resources. These attacks are mainly done with the purpose of gaining unauthorized, and undetected access to compromise systems. Threat actors usually prefer this attack method since it is simple to carry out, and can cause significant damage. Once a person’s credentials are revealed, the attacker can log in, generally unnoticed.

Cybersecurity is an ever-present concern for businesses, particularly as the modern attack surface continuously expands and changes due to the shift to remote work in response to the COVID-19 pandemic, cloud adoption, and the growth of shadow IT, among other factors. Implementing the appropriate security control types for attack surface reduction is crucial for bolstering your company’s cybersecurity posture in the modern threat landscape.

When it comes to high profile cybercrime incidents, it’s the major tech vulnerabilities and sophisticated state-sponsored threat vectors that make the headlines. In reality, however, most of the cybercrime incidents exploit the human element as the weakest link in the cyberattack kill chain.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. In this edition, we’ll explain why cyberwarfare could be a potential cyberthreat in 2023. Cyberwarfare was one of the top trending terms in 2022, and the incidents that happened last year have opened up more discussions regarding this topic. Most people think cyberwarfare is synonymous with the term cyberwar.

In February of 2021, one of the operators at the City of Oldsmar’s water treatment system noticed a change in the water supply. The level of sodium hydroxide was abnormally high, which would have been lethal for residents if ingested in large amounts. Quick to react, the operator was able to reverse it before any damage was done.

A great deal of focus in the cybersecurity industry is placed on the dangers threat actors pose to small and medium-sized businesses. For good reason, too. These organizations often lack the budget and staffing required to provide 24×7 monitoring, detection, and response, leaving them exposed to attack. These same factors can find them incapable of mounting a robust incident response plan post-breach.