Recent data reports indicate a troubling rise in adversary-in-the-middle attacks, which have become increasingly sophisticated and prevalent. In 2022 alone, a specific group executed a series of attacks that compromised over 10,000 credentials from 137 organizations. Notably, the attack led to a security breach involving Twilio, a well-known authentication provider.…
World Password Day serves as an annual reminder of the critical importance of secure passwords, occurring on the first Thursday of May. This is a day when we hope that users have left behind easily guessable options like “password1” and “qwerty,” although, unfortunately, that is often not the case. Passwords…
Fraud Management & Cybercrime, Geo Focus: The United Kingdom, Geo-Specific Retailer Continues to Recover From Ransomware Attack Akshaya Asokan (asokan_akshaya) • May 1, 2025 Image: Patat / Shutterstock British retailer Marks & Spencer has reportedly been targeted by the financial crime group known as Scattered Spider, which executed a ransomware…
Cybercrime, Fraud Management & Cybercrime, Incident & Breach Response Baltimore Public Schools Data Breach; Disney Menu Hacker Sentenced Anviksha More (AnvikshaMore) • May 1, 2025 Image: Shutterstock / ISMG Each week, Information Security Media Group compiles reports on cybersecurity incidents across the globe. This week’s highlights include a notable increase…
Recent insights from cybersecurity experts spotlight the implications of sharing data with AI systems, emphasizing the potential risks tied to privacy and biometric data. Jake Moore, a global cybersecurity adviser at ESET, underscores this concern, particularly illustrated by his creation of an action figure designed to highlight the privacy vulnerabilities…
According to a recent report from Zimperium zLabs, a troubling trend has emerged within the mobile technology sector: approximately 50% of mobile devices globally operate on outdated or obsolete operating systems. Such a situation presents severe security vulnerabilities, exposing these devices to a range of evolving cyber threats. This issue…
A misconfigured, non-password-protected database belonging to TicketToCash has exposed sensitive information from over 520,000 customers, including personally identifiable information (PII) and partial financial data. Recently, cybersecurity researcher Jeremiah Fowler discovered a misconfigured database totaling 200GB that was publicly accessible, revealing more than 520,000 records related to TicketToCash, a platform for…
Verizon has reported a troubling increase in retail cyberattacks, highlighting significant vulnerabilities in the sector. The tech giant’s findings suggest that malicious actors are increasingly targeting retail organizations, exploiting weaknesses in their cyber defenses. With the retail sector being a cornerstone of the U.S. economy, the implications for business owners…
France has accused the Russian hacking group APT28, known as Fancy Bear, of executing a cyber espionage campaign targeting French government entities. This report highlights the group’s ties to Russia’s military intelligence agency, the GRU, and outlines their techniques and prior incidents, including the notorious hack of TV5Monde. Recent allegations…
