Scattered Lapsus Shiny Hunters: A New Threat in Cyber Extortion A notorious cyber extortion group known as Scattered Lapsus Shiny Hunters (SLSH) has been making headlines for its aggressive tactics in seeking ransoms from compromised organizations. This group employs a unique and harrowing approach that goes beyond conventional ransomware schemes,…
Massive Cyber Breach Targets Sony Pictures Entertainment The holiday season in the U.S. took a detrimental turn for Sony Pictures Entertainment when the company fell victim to a significant cyber attack. Over the Thanksgiving weekend, a group identifying itself as “Guardians of Peace” breached Sony’s computer systems, resulting in a…
In a significant cybersecurity incident, Anthem, the nation’s second-largest health insurance provider, disclosed on Wednesday that cybercriminals have compromised the personal information of more than 80 million individuals. This breach surpasses the scale of the infamous Target data breach in 2013, which involved stolen payment card data for 40 million…
Fraud Management & Cybercrime, Identity & Access Management, Security Operations ShinyHunters Campaign Utilizes Voice Phishing to Circumvent MFA and Compromise Corporate Data Mathew J. Schwartz (euroinfosec) • January 28, 2026 Image: Oleksandr Yashchuk/Shutterstock Security experts are advising customers of identity provider Okta utilizing its single-sign-on (SSO) services to remain vigilant…
In an increasingly interconnected world, recent cyber incidents underscore the vulnerabilities that organizations face today. A notable highlight includes a series of impactful cyber attacks that exemplify the pressing need for robust cybersecurity measures across various sectors. One alarming case involved the hacking of vehicles, particularly the Jeep Cherokee. Security…
Cybersecurity experts are currently grappling with a surge of voice-phishing attacks aimed at single sign-on (SSO) tools. These coordinated efforts have led to instances of data theft and extortion, as various cybercrime groups, including one claiming ties to ShinyHunters, harness sophisticated voice calls and phishing kits to deceive victims into…
Recent findings from cybersecurity firm Mandiant reveal significant zero-day vulnerabilities in Windows Installers associated with Atera’s remote monitoring and management software. These vulnerabilities could potentially be exploited to initiate privilege escalation attacks against affected systems. Identified on February 28, 2023, these vulnerabilities have been allocated the identifiers CVE-2023-26077 and CVE-2023-26078.…
A cybersecurity firm, Trustwave, is facing legal action from Affinity Gaming, a casino operator based in Las Vegas. The lawsuit alleges that Trustwave conducted an investigation deemed “woefully inadequate” in response to a network breach that exposed the casino’s systems. The action highlights growing concerns regarding the effectiveness of cybersecurity…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently revealed critical details regarding a sophisticated backdoor malicious software identified as SUBMARINE. This malware has reportedly been employed by threat actors in connection with an exploit targeting Barracuda Email Security Gateway (ESG) appliances, which has raised alarms within the cybersecurity landscape.…
