Never Use SMS For 2FA. Here’s Why
One of the most common methods of 2FA is SMS text messages. The problem is that SMS is not a secure medium. Hackers have several tools in their arsenal that can intercept, phish, and spoof SMS. Despite this security flaw and better options for authentication, SMS-based 2FA is still used by several institutions.
DDoS Hacking Attempts Drop In Q1 2021: Kaspersky
In the first quarter of 2021, the number of DDoS attacks dropped by 29 percent compared to the same period in 2020, but increased by 47 percent compared to the fourth quarter in 2020, as reported by Kaspersky’s Cyberthreat Research And Reports.
Air India’s 4.5 Million Customers’ Info Compromised In Global Data Breach
Air India disclosed a data breach after personal information belonging to roughly 4.5 million of its customers was leaked two months following the hack of Passenger Service System provider SITA in February 2021.
CNA Financial Paid $40 Million To Ransomware Hackers
CNA Financial paid $40 million in late March to regain control of its network after a ransomware attack.
People Lost More Than $80 Million In Cryptocurrency Investment Scams: FTC
Since October 2020, consumers have reported losing more than $80 million to cryptocurrency investment scams, an increase of more than ten-fold year-over-year, according to a new data analysis from the Federal Trade Commission.
Guard.me Has Taken Down Their Site After Data Breach
Student health insurance carrier guard.me has taken their website offline after a vulnerability allowed a threat actor to access policyholders’ personal information.
How To Protect Your Home Network From ‘FragAttacks’
FragAttacks are a group of security vulnerabilities that can be used to attack Wi-Fi devices. Every Wi-Fi device ever created appears vulnerable, making it possible for attackers to steal sensitive data or attack devices on your network.
How To Defend Against DDoS Attacks
In a DDoS attack, An attacker uses a number of machines across the internet (or what’s called a “botnet”). Those machines send a high volume of fake traffic to the target site, all in an attempt to overload server resources and bring the site down.
Colonial Pipeline Halts All Operations After Cyber Attack
Colonial Pipeline, the largest U.S. refined products pipeline operator, has halted all operations after it fell victim to a cybersecurity attack on Friday
Over 128M iOS Users Affected By XcodeGhost Malware
More than 128 million iOS users were allegedly affected by the “XcodeGhost” malware which first surfaced in 2015 — responsible for injecting malware into several iPhone and iPad apps that were subsequently uploaded to the App Store.
Apple Fixed 2 iOS 0-Day Vulnerabilities That Let Hackers Compromise Fully Patched Devices
Apple has released a new update to patch two zero-day vulnerabilities that allowed attackers to execute malicious code to attack iPhones, iPads, iPods, macOS, and Apple Watch devices.
DigitalOcean Data Breach Exposes Customer Billing Data
Cloud hosting provider DigitalOcean has emailed customers warning of a data breach involving customers’ billing data.
How Secure Are QR Codes?
Attackers can embed malicious URLs containing custom malware into a QR code which could then exfiltrate data from a mobile device when scanned. It is also possible to embed a malicious URL into a QR code that directs to a phishing site, where unsuspecting users could disclose personal or financial information.
Hacker Published 20 Million Alleged BigBasket Users Records On Dark Web
A hacker has leaked database of about 20 million alleged BigBasket users on a popular hacker forum.
REvil Ransomware Gang Are Demanding $50 Million From Apple To Avoid Documents Leaked
The operators of the REvil ransomware are demanding a $50 million ransom from Apple to avoid having confidential information leaked on the dark web,
Geico Data Breach Exposed Customers’ Driver’s License Numbers For More Than A Month
Insurance company Geico has suffered a data breach that exposed customers’ driver’s license for more than a month, according to a data breach notice filed with the attorney general of California.
Swinburne University Data Breach Exposes Details Of 5000 Individuals
Swinburne University has confirmed that details of more than 5,000 staff and students were inadvertently made available on the Internet. The information made available was name, email address, and in some cases, a contact phone number.