Hacked Security Software Used in Novel South Korean Supply-Chain Attack

Lazarus Group is believed to be behind a spate of attacks that leverage stolen digital certificates tied to browser software that secures communication with government and financial websites in South Korea. The Lazarus cybercriminal group is using a novel supply-chain attack against visitors to websites operated by the South Korean government and financial firms, in … Continue reading Hacked Security Software Used in Novel South Korean Supply-Chain Attack

ShinyHunters hacked Pluto TV service, 3.2M accounts exposed

A hacker has shared 3.2 million Pluto TV user accounts on a hacking forum for free, he claims they were stolen by ShinyHunters threat actor. Pluto TV is an American internet television service, it is an advertiser-supported video on demand (AVOD) service that primarily offers a selection of programming content through digital linear channels designed … Continue reading ShinyHunters hacked Pluto TV service, 3.2M accounts exposed

Campari hit by Ragnar Locker Ransomware, $15 million demanded

Italian liquor company Campari Group was hit by a Ragnar Locker ransomware attack, where 2 TB of unencrypted files was allegedly stolen. To recover their files, Ragnar Locker is demanding $15 million. Campari Group is an Italian beverage company known for its popular liquor brands, including Campari, Frangelico, SKYY vodka, Epsolon, Wild Turkey, and Grand … Continue reading Campari hit by Ragnar Locker Ransomware, $15 million demanded

A Guide to the NIST Cybersecurity Framework

With cybersecurity threats growing exponentially, it has never been more important to put together an efficient cyber-risk management policy, and NIST's framework can help. Just before lockdown it was reported that 46% of UK businesses had suffered cyber attacks in 2019, up 9% from 2018. Although businesses had plenty more to worry about in the … Continue reading A Guide to the NIST Cybersecurity Framework

MFA-Minded Attackers Continue to Figure Out Workarounds

While MFA can improve overall security posture, it's not a "silver bullet" -- and hacks continue. As online users become increasingly aware of and use multifactor authentication (MFA), attackers are devising new ways to circumvent the technology — and often with great success. Earlier this month, for example, security firm Proofpoint reported its disclosure of … Continue reading MFA-Minded Attackers Continue to Figure Out Workarounds