The help desk was operated by a third party. The hackers conned the help desk, it is reported, to reset all of the two factor methods that were set up to protect a super-admin account. They likely did this after they phished an employee for his/her userid and password. They used deceptive phone calls to […]
Continue reading → [DISPLAY_ACURAX_ICONS]Ex-NSA Director General Alexander’s Security Company (IronNet) Near Bankruptcy It just goes to show that just because you are famous and people invest $78 million in you, doesn’t mean you know how to run a business. How, exactly, do you blow almost $80 million and realize you are over the edge of the cliff before […]
Continue reading → [DISPLAY_ACURAX_ICONS]Caesars Entertainment, which calls itself the U.S.’s largest casino chain, sort of says it paid a ransom to avoid the online leak of customer data stolen in a recent cyberattack. The attack compromised the chain’s loyalty database, which, according to them, includes driver’s license numbers and social security numbers of many customers. Caesar’s 8-K filed […]
Continue reading → [DISPLAY_ACURAX_ICONS]73 percent of survey respondents (659 board members from companies with over 5,000 employees) fear a material cyberattack on their organization this year, up from 65 percent last year. 59 percent said that generative AI presents a high risk to their organizations because it can be used by hackers to create and deliver malware with […]
Continue reading → [DISPLAY_ACURAX_ICONS]As is often the case, humans and process represent the biggest failure window. Microsoft, to its credit, is being public about its own failures and pretty quickly. The Chinese hackers, Storm-0558, obtained a “golden cryptographic key” which allowed them to generate tokens so that they could masquerade as other users. I don’t know why you […]
Continue reading → [DISPLAY_ACURAX_ICONS]Want a .US Domain? Just Lie About It. The .US top level domains are a hotbed for phishing attacks. Apparently, this is due to lax oversight. In theory, the .US is managed by the US government, but the government outsources that to GoDaddy – who doesn’t have a stellar cybersecurity reputation to be polite. See […]
Continue reading → [DISPLAY_ACURAX_ICONS]