Mortgage servicing firm, LoanCare, is grappling with the aftermath of a major data breach that compromised the personal information of more than 1.3 million individuals. The breach occurred as a result of a cyberattack on LoanCare’s parent company, Fidelity National Financial (FNF). This article delves into the details surrounding the breach, FNF’s response, and ongoing investigations. The Breach and its
In a bold move to strengthen the security of the software supply chain, GitHub, the go-to platform for developers and their code, has launched a decisive initiative. This strategic effort primarily focuses on bolstering the foundational elements of the software ecosystem: the developers themselves. GitHub recognizes their pivotal role in fortifying the entire chain and aims to address the inherent
In recent times, a highly sophisticated cyber attack campaign has surfaced, entangling unsuspecting users in a web of deceit through the use of malicious web extensions cleverly disguised as VPNs. This insidious operation employs a multifaceted strategy, leveraging the allure of pirated game torrents, particularly those featuring popular titles such as Grand Theft Auto (GTA) and Assassin’s Creed, as its
In recent years, the proliferation of artificial intelligence (AI) implementations has given rise to a significant increase in AI-powered attack vectors. This article explores the evolving threat landscape, highlighting the importance of understanding and addressing these new challenges. The emergence of advanced tactics requires a comprehensive approach to cybersecurity involving proactive security measures, risk assessment, and effective governance. Fakes as
Yakult, the world’s largest producer of probiotic drinks, has fallen victim to a significant cyberattack that has exposed private data and confidential corporate records on the dark web. This breach raises concerns about data security and the potential impact on Yakult’s reputation and future actions. The Threat Actor and Data Breach DragonForce, a notorious threat actor, has claimed responsibility for
A fraudulent version of the popular open-source crypto wallet, Rabby Wallet, has recently surfaced on the Apple App Store, highlighting concerns over the effectiveness of Apple’s app vetting process. This deceptive app, created by an unknown developer named ‘Dinh Thi Phuonh Dung,’ masquerades as the legitimate Rabby Wallet, putting unsuspecting users at risk of losing their cryptocurrency or compromising their
European Union officials reached an agreement on December 12th on new crypto regulations that will grant member states expanded powers to freeze and confiscate assets suspected of being tied to criminal activities. These regulations come in response to rising concerns over cybercrime, money laundering, and other illicit finance connected to cryptocurrencies. The newly agreed-upon rules, which still require final approval
In a relentless pursuit of ill-gotten gains, scammers have devised a cunning scheme to exploit Google Ads, resulting in the theft of $3 million worth of cryptocurrencies within a mere 24-hour period. This alarming increase indicates an escalation in their tactics and underscores the urgent need for heightened cybersecurity measures. Attackers Utilize MS Drainer to Pilfer $59 Million Worth of
Non-fungible tokens (NFTs) have cemented their place as an integral part of the Web3 ecosystem in 2023. The past year has witnessed tremendous growth and innovation in this domain, captivating the attention of investors, artists, and collectors alike. This article delves into the remarkable developments surrounding NFTs, from soaring sales volumes to the rise of Bitcoin Ordinals, as well as
In the ever-evolving world of cryptocurrencies, a new trading protocol is emerging to support the growth of popular inscription tokens. This protocol aims to aggregate liquidity from various trading platforms across blockchain networks, providing a platform for seamless trading and unlocking the utility of inscription tokens. With the rise of inscription tokens like ORDI and BRC-20, this innovative approach by
A hardware feature present in an Apple system-on-a-chip (SoC) was recently exploited in a series of attacks targeting the iPhones of Kaspersky senior employees. These attacks successfully bypassed Apple’s protections and installed sophisticated spyware on the compromised devices, raising concerns about the vulnerabilities in the iOS ecosystem. Exploitation of iOS Zero-Day Vulnerabilities In a highly coordinated campaign, the attackers exploited
The cybersecurity firm Mandiant has revealed that the recently disclosed vulnerability affecting Barracuda Email Security Gateway (ESG) appliances was exploited by a China-linked threat actor known as UNC4841. The vulnerability, tracked as CVE-2023-7102, allows for arbitrary code execution through the open-source library ‘Spreadsheet::ParseExcel’, used by ESG devices to check Excel email attachments for malware. Mandiant has been working closely with
