The Breach News

Researchers Link LAPSUS$ Cyber Attacks to 16-Year-Old English Hacker

Okta, a prominent provider of authentication services, has identified security firm Sitel as a third-party entity involved in a critical security breach that occurred in late January. This incident permitted the LAPSUS$ extortion gang to gain unauthorized access to an internal account assigned to a customer support engineer. The breach…


Nevada State Hackers Eluded Detection for Several Months

Fraud Management & Cybercrime, Government, Industry Specific

Statewide Cyber Breach Affects 60 Agencies Before Ransomware Implementation

Chris Riotta (@chrisriotta) • November 6, 2025

Recent analyses reveal that a ransomware threat actor compromised Nevada’s statewide government systems for several months prior to executing a ransomware attack. An after-action report…


Hyundai IT Services Breach May Impact 2.7 Million Kia and Hyundai Owners – Cybernews

In a significant cybersecurity incident, approximately 2.7 million owners of Hyundai and Kia vehicles may have had their personal data compromised due to a breach in the Hyundai IT services infrastructure. This security breach, reported by Cybernews, raises serious concerns regarding the protection of sensitive consumer information amid an increasingly…


SolarWinds Hackers Compromise Microsoft Customer Support to Target Clients

In a recent development reflecting the persistent threat posed by Russian cyber actors, Microsoft has disclosed that the hackers behind the SolarWinds breach have resumed operations utilizing password spraying and brute-force methods to compromise customer accounts. This resurgence serves as a stark reminder that the attackers remain active and adept…


Analysis of 5 AI-Generated Malware Families by Google Reveals They Are Ineffective and Easily Detected

Recent assessments challenge the narratives promoted by certain AI firms claiming that AI-generated malware is a prevalent, imminent threat to traditional security measures. These companies, many of which are vying for new investment funding, paint a dramatic picture of a new era shaped by AI-driven malicious activities. A case…


Block Confirms Data Breach Linked to Former Employee’s Access to Cash App Data

Data Breach at Block’s Cash App: Former Employee Improperly Accessed Customer Information

Block, the parent company of Cash App, has reported a significant data breach involving a former employee who unlawfully accessed sensitive reports related to Cash App Investing. This incident, which has raised concerns regarding data security, particularly involves…


DHS Urges Use of Immigration Database for Voter Verification

Data Governance, Data Privacy, Data Security

DHS Expands SAVE Database for Voter Verification, Sparking Privacy Concerns

Chris Riotta (@chrisriotta) • November 5, 2025

The Department of Homeland Security (DHS) has announced plans to extend the use of its Systematic Alien Verification for Entitlements (SAVE) database for voter verification,…


Investigation Reveals KT’s Concealment of Malware Infections and Security Lapses Behind Hacking Breach

Seoul: Cybersecurity Gaps Exposed at KT Corp. Following Malware Incident

In a troubling development, KT Corp., South Korea’s second-largest mobile operator, has been implicated in a significant cybersecurity breach involving the concealment of malware infections. An investigation led by government authorities uncovered that the company failed to disclose critical security…


5 Steps to Enhance Detection and Response in a Multi-Layered Cloud Environment

The connection between detection and response (DR) practices and cloud security has historically been tenuous. As businesses worldwide increasingly transition to cloud-based environments, security strategies have predominantly centered on “shift-left” methodologies—prioritizing secure code, maintaining proper cloud configurations, and rectifying misconfigurations. This focus has inadvertently fostered a dependence on a broad…
