As the Christmas of 2024 approaches, countless Americans will be traversing the nation to reunite with family and partake in festive services. While roadways, railways, and airlines facilitate these journeys, the latter option promises speed and convenience, allowing families additional…
CloudSEK Identifies Major Data Exposure from Postman Workspaces, Putting Sensitive Information at Risk CloudSEK’s TRIAD team recently uncovered a significant security threat involving the exposure of over 30,000 public workspaces on Postman, a widely used cloud-based API development platform. This…
The Limitations of SOC2 Audits in Preventing Cybersecurity Breaches: A Critical Analysis In recent discussions surrounding cybersecurity, there has been growing scrutiny about the effectiveness of SOC2 audits in safeguarding sensitive data from breaches. While SOC2 compliance is often seen…
The challenge surrounding the recovery of ransom payments made to cybercriminals has become increasingly complex, particularly following the recent arrest of Rostislav Panev. Apprehended by Interpol in Israel, Panev is connected to the notorious LockBit ransomware group that has exploited…
Blockchain & Cryptocurrency, Cryptocurrency Fraud, Fraud Management & Cybercrime Researchers Trace 61% of Known Losses This Year to State-Sponsored Cybercriminals in North Korea Mathew J. Schwartz (euroinfosec) • December 23, 2024 North Korea currently lacks a memorial for its stolen…
This year has witnessed a significant surge in cybersecurity incidents, with numerous breaches, attacks, and operational failures capturing global headlines. Among these, select events stand out for their profound implications, potentially altering protective measures within the industry, challenging vendors to…
KEY SUMMARY POINTS The Lazarus Group, a hacking entity with ties to North Korea, has redirected its focus toward the nuclear industry, an alarming escalation from its previous concentrations on sectors such as defense, aerospace, and cryptocurrency. This shift suggests…
Ransomware impersonation represents a significant cybersecurity threat in which cybercriminals pose as legitimate entities to extort money from their victims. Utilizing various tactics including phishing emails, telephone scams, and social engineering, attackers trick targets into believing they are engaging with…
As 2024 draws to a close, cybersecurity firms are reporting significant upheaval in the cybercrime landscape, particularly relating to phishing-as-a-service operations. Recent assessments by Sophos indicate that the once-prominent phish-tool Rockstar 2FA, notorious for its sophisticated phishing campaigns, has reportedly…
The Federal Trade Commission (FTC) announced on Friday that it has finalized an order mandating Marriott International and its subsidiary, Starwood Hotels, to enhance their digital security protocols. This development follows allegations against the companies for insufficient security practices that…
