The Breach News

US Continues Support for UN Cybercrime Treaty Amid Criticism

Cybercrime, Fraud Management & Cybercrime, Standards, Regulations & Compliance
U.S. to Push for Human Rights Protections in Support of Cybercrime Treaty
Chris Riotta (@chrisriotta) • November 12, 2024
The United Nations cybercrime treaty has drawn strong objections from Western tech and cybersecurity firms during the negotiation process. The…

Wiz Reports: Microsoft Attack Using Azure AD Token Forging Technique Has Wider Implications Beyond Outlook

On July 21, 2023, cloud security firm Wiz reported that the breach of Microsoft's email services by the Chinese state-sponsored group Storm-0558 is more extensive than initially suspected. According to Wiz, the attacker used an inactive Microsoft account (MSA) consumer signing key to forge Azure Active Directory (Azure AD) tokens, which could grant access not only to Outlook Web Access (OWA) and Outlook.com but potentially to a wide range of Azure AD applications: major platforms such as OneDrive, SharePoint and Teams, customer applications that offer "Login with Microsoft", and, under specific conditions, multi-tenant applications. Wiz CTO Ami Luttwak emphasized, "Everything in the world of Microsoft leverages Azure Active Directory auth tokens for access," underscoring how far a single compromised signing key reaches.
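The reason one leaked key had such a wide blast radius is easier to see in code. What follows is an added illustration, not code from Wiz or Microsoft and not a reconstruction of Microsoft's actual token-validation logic: a schematic token verifier that keeps consumer and enterprise signing keys in one trust store and accepts any key in it for any issuer or audience, beside a hardened verifier that binds each key to its issuer and pins iss and aud. The key names, issuer URLs, audience and claims are all constructed for the example, and HMAC stands in for the asymmetric keys a real identity provider would publish via JWKS.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed trust store for this example (not Microsoft's). Two signing keys share one
# key set: one belongs to the consumer identity provider, one to the enterprise provider.
# HMAC replaces the real asymmetric signing keys so the example runs offline.
KEYS = {
    "consumer-2016": {"secret": b"consumer-signing-key", "issuer": "https://consumer.example"},
    "enterprise-2023": {"secret": b"enterprise-signing-key", "issuer": "https://enterprise.example"},
}


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_token(kid: str, claims: dict) -> str:
    """Mint a JWS-style token (header.payload.signature) with the named key."""
    header = {"alg": "HS256", "kid": kid}
    signing_input = f"{_b64url(json.dumps(header).encode())}.{_b64url(json.dumps(claims).encode())}"
    sig = hmac.new(KEYS[kid]["secret"], signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"


def _parse(token: str):
    head, body, sig = token.split(".")
    return json.loads(_unb64url(head)), json.loads(_unb64url(body)), f"{head}.{body}", _unb64url(sig)


def verify_naive(token: str, now=None):
    """Flawed verifier: the signature is checked against whichever key the kid names, and
    any key in the shared store is trusted for any issuer and audience. A token forged
    with the consumer key therefore passes for an enterprise application."""
    header, claims, signing_input, sig = _parse(token)
    key = KEYS.get(header.get("kid"))
    if key is None:
        return None
    expected = hmac.new(key["secret"], signing_input.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return None
    current = now if now is not None else time.time()
    if claims.get("exp", 0) < current:
        return None
    return claims  # iss and aud are never checked, nor which issuer the key belongs to


def verify_hardened(token: str, expected_issuer: str, expected_audience: str, now=None):
    """Pins alg, binds the signing key to its issuer, and pins iss and aud before trusting claims."""
    header, claims, signing_input, sig = _parse(token)
    if header.get("alg") != "HS256":
        return None
    key = KEYS.get(header.get("kid"))
    if key is None:
        return None
    expected = hmac.new(key["secret"], signing_input.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return None
    if claims.get("iss") != expected_issuer or key["issuer"] != claims.get("iss"):
        return None  # the key that signed this token is not one the claimed issuer may use
    if claims.get("aud") != expected_audience:
        return None
    current = now if now is not None else time.time()
    if claims.get("exp", 0) < current:
        return None
    return claims


def forged_enterprise_token(now: float) -> str:
    """What an attacker holding only the consumer key can mint: enterprise iss/aud, consumer kid."""
    return sign_token("consumer-2016", {
        "iss": "https://enterprise.example",
        "aud": "api://mail.enterprise.example",
        "sub": "victim@enterprise.example",
        "exp": now + 3600,
    })


if __name__ == "__main__":
    now = time.time()
    forged = forged_enterprise_token(now)
    print("naive verifier accepts forged token:", verify_naive(forged, now) is not None)
    print("hardened verifier accepts forged token:",
          verify_hardened(forged, "https://enterprise.example", "api://mail.enterprise.example", now) is not None)
```

Run it and the naive verifier accepts the token minted with the consumer key for the enterprise audience, while the hardened one rejects it. The general lesson carries over to any token-based system: a verifier must check not just that some trusted key produced the signature but that the key is authorized for the issuer the token claims, and keys that are no longer in service belong out of the trust store rather than left in it as "inactive".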

SpyNote Malware Aims at Android Users with Antivirus Software

Endpoint Security, Fraud Management & Cybercrime, Social Engineering
Malware Disguised as Avast Antivirus Detected
Prajeet Nair (@prajeetspeaks) • November 12, 2024
The Android SpyNote malware is utilizing a deceptive tactic by posing as an antivirus application to exploit Android systems, with the intent of infiltrating devices, taking control,…

OPSEC Slip Exposes North Korean Nation-State Actors Behind JumpCloud Breach

On July 25, 2023, threat intelligence reporting revealed that North Korean state-sponsored hackers connected to the Reconnaissance General Bureau (RGB) were linked to the JumpCloud breach through a significant operational security (OPSEC) error that exposed their real IP address. Google-owned threat intelligence firm Mandiant tracks this group as UNC4899, which overlaps with known clusters such as Jade Sleet and TraderTraitor, actors notorious for targeting the blockchain and cryptocurrency sectors. UNC4899 also shares connections with APT43, another North Korea-affiliated group, which Mandiant exposed in March for conducting intelligence-gathering campaigns and stealing cryptocurrency from various companies. Their tradecraft includes routing traffic through Operational Relay Boxes (ORBs) over L2TP/IPsec tunnels and commercial VPN services to conceal their origin.

The True Issue with Prohibiting Masks at Protests

Emerging Concerns over Law Enforcement Surveillance Technologies and Implications for Privacy
Recent discussions have highlighted the extensive array of tools available to law enforcement agencies, notably facial recognition technologies. Nicole Napolitano, director of research at the Center for Policing Equity, emphasized that while tools such as facial recognition can enhance…

The Rising Danger of Ransomware in 2024: Essential Insights for You

Ransomware incidents are increasingly dominating news cycles, causing significant disruption across many sectors. Organizations scramble to restore operations after an attack, while customers are left anxious about the integrity of their personal data. The repercussions of ransomware extend well beyond operational downtime: they can severely damage reputations, cause…