In a recent statement, telecommunications giant AT&T confirmed that a hack on a vendor it was working with exposed around 9 million accounts. AT&T said that the sensitive information was mainly about device upgrade eligibility. The hacking happened in January 2023 using a weakness in the vendor’s system. The hackers accessed customer data, such as…
There is a new malware campaign targeting business-grade routers. It is called Hiatus, a complex operation that deploys the HiatusRAT malware. It is a kind of Remote Access Trojan (RAT) that cybercriminals use to gain remote control over a target system. Hiatus is the first of its kind. Lumen’s security experts say it has been…
Cerebral, an online platform that offers mental health care services, recently suffered a data breach that may have affected up to 3.18 million users. According to its report, the breach was due to the company’s use of third-party pixel trackers. Cerebral did not say the exact number of users affected. However, the company said it…
Hatch Bank confirmed a data breach that compromised its customers’ personal data. The financial technology firm said hackers found a vulnerability in its internal file-transfer software. This allowed the hackers to access and steal around 140,000 customer names and social security numbers from Jan. 30-31, 2023. Hatch is using Fortra’s GoAnywhere file-transfer platform. Many other…
Credential stuffing is one of the many forms of cyberattacks on the rise. It’s a low-risk, low-cost automated method. It uses bots to access username-password combinations from past data breaches. It then uses that information to exfiltrate data from a new target system. It relies on people’s habit of reusing the same login credential across…
The United States government is alerting organizations about the Royal ransomware operation. The Federal Bureau of Investigation (FBI) and the Cybersecurity & Infrastructure Security Agency (CISA) said in a joint advisory that the Royal ransomware gang poses an increasing threat to critical infrastructure of numerous sectors in the U.S. The Royal ransomware group has been…
Callback phishing scams are one of the worst cyberattacks you can encounter. It is devastating to experience on a personal level. But it is even more disastrous if it happens to your organization. To help you, here is a guide covering how callback phishing works and the steps you should take to address it. How…
Having a password for online accounts is not enough protection. Hackers and cybercriminals have found a way to crack passwords and hijack emails, bank accounts, social media pages, and other digital real estate. Through password mass attacks, cyber threat actors no longer have to spend a long time trying to guess your online credentials. Understanding…
Microsoft Corp. announced via Twitter on March 1 that a worldwide outage affected Exchange Online – its cloud-based email service. According to the software giant in a series of tweets, Exchange Online users can’t access their mailboxes. Users can’t send or receive emails and got error messages. The good news is that Microsoft resolved these…
News Corporation (News Corp) has disclosed more information about the 2022 cyberattack against the major publishing conglomerate. News Corp revealed that the cybercriminals had access to its systems two years ago, starting in Feb. 2020. News Corp recently sent notification letters to affected employees. These laid out the most recent information on the data breach….