Joint Investigation Launched into 23andMe Data Breach by British and Canadian Regulators In a significant development for data protection and cybersecurity, British and Canadian privacy authorities have initiated a comprehensive investigation into the major data breach that transpired at the genetics company 23andMe last year. This investigation follows the unauthorized…
Threat actors continuously adapt their strategies to circumvent cyber defenses, employing creative tactics to compromise user credentials. A notable method is the hybrid password attack, which integrates multiple cracking techniques, enhancing their efficacy. This multifaceted approach leverages the strengths of different methods, expediting the password-cracking process and presenting significant challenges…
Fidelity Investments has recently disclosed a data breach that occurred in mid-August, affecting more than 77,000 of its customers. The nature of the breach raises significant concerns about the security posture of the company, particularly in relation to its customer-facing web applications, which may have been exploited due to apparent…
Cybersecurity researchers are raising urgent concerns over a troubling campaign exploiting internet-exposed Selenium Grid services for unauthorized cryptocurrency mining. This activity, tracked by cloud security firm Wiz under the name SeleniumGreed, targets outdated versions of Selenium, specifically those released before 3.141.59, and has reportedly been active since at least April…
On April 24, 2024, cloud storage provider Dropbox reported a data breach affecting its digital signature product, Dropbox Sign, formerly known as HelloSign. Unidentified threat actors gained unauthorized access to sensitive user information, including emails, usernames, and general account settings for all Dropbox Sign users. The incident was disclosed in…
In recent weeks, a significant wave of social engineering attacks has emerged, targeting users of Gmail worldwide. Reports indicate that many individuals have received fraudulent phone calls from impersonators claiming to represent Google Support. These calls, which utilize advanced AI technology, are designed to deceive users into revealing their account…
Internet Archive Suffers Major Cybersecurity Incident The Internet Archive, the nonprofit entity renowned for its role in preserving a vast array of digital knowledge, has been struck by a significant cyberattack that has taken both its Archive.org and OpenLibrary.org services offline. This breach not only threatens the integrity of one…
Critical Security Flaw in Acronis Cyber Infrastructure Exploited Cybersecurity firm Acronis has issued a warning regarding a serious security vulnerability in its Cyber Infrastructure (ACI) product, which has reportedly been exploited in active attacks. The vulnerability, designated as CVE-2023-45249, carries a remarkably high CVSS score of 9.8 and is associated…
Czechia and Germany have disclosed that they fell victim to an extensive cyber espionage campaign orchestrated by the Russian-affiliated state-sponsored group known as APT28, which has drawn sharp rebukes from several Western entities, including the European Union (E.U.), NATO, the United Kingdom, and the United States. According to a statement…
