Shadow Gaming Platform Hack: A Wake-Up Call for Cloud Security
Cloud gaming is a promising technology that allows users to stream high-end games from remote servers without installing any software or hardware. However, it also comes with security risks, as demonstrated by the recent data breach that affected Shadow, a French cloud gaming provider. According to Shadow’s CEO, the company was the victim of a […]
Microsoft to phase out NTLM authentication in Windows 11
Microsoft is planning to eliminate the use of NTLM authentication in Windows 11, a legacy protocol that has been around since the 1980s and has been exploited by hackers for decades. NTLM stands for New Technology LAN Manager, and it was originally developed for OS/2, a joint operating system project between Microsoft and IBM. NTLM […]
California Delete Act Expands Consumer Privacy, Again
On October 10, 2023, Governor Gavin Newsom signed the California Delete Act into law ¹. The act is an amendment to the existing California privacy laws, including the California Consumer Privacy Act (CCPA) ⁷. The new law will have a significant impact on companies’ privacy compliance obligations ³. It will create difficult compliance obligations for […]
LinkedIn SmartLinks may Lead to Hack
How Smart Links Attacks Target Microsoft Accounts Smart links are a feature of LinkedIn that allows users to share and track content with their contacts. However, hackers have found a way to abuse this feature to launch phishing attacks that aim to steal Microsoft account credentials. In this article, we will explain how smart links […]
Passkeys 101, and Why this is Now Google’s Default
Introduction Passwords are one of the most common and widely used methods of authentication on the web. However, passwords also have many drawbacks and limitations that make them vulnerable to various types of attacks, such as phishing, brute force, credential stuffing, and password reuse. Moreover, passwords are often hard to remember and manage, especially for […]
13m DNA Records Are Now Available for Sale for $10 Each on BreachForums
On October 6, 2023, a hacker posted a sample of data stolen from 23andMe, a popular genetic testing company, on a dark web forum called BreachForums. The hacker claimed to have access to 13 million pieces of data, mostly from users of Ashkenazi Jewish and Chinese descent, who had opted in to a feature called […]
MGM Hacked Data Available for Download for $4k
MGM Resorts, one of the largest hotel and casino operators in the world, suffered a ransomware attack in 2020 that resulted in a massive data breach and a financial loss of over $100 million. The attack was carried out by a cybercriminal group known as REvil, which demanded $21 million in Bitcoin for the decryption […]
Key Takeaways from Microsoft’s Digital Defense Report
The Microsoft Digital Defense Report (MDDR) is an annual publication that provides insights and analysis on the state of cybersecurity in 2023. The report covers various aspects of cyber threats, such as nation-state actors, cybercrime, ransomware, phishing, malware, cloud security, and supply chain attacks. The report also highlights the efforts of Microsoft and its partners […]
The NSA and CIA Release the Top 10 Cybersecurity Mistakes to Avoid
Cybersecurity is a vital aspect of any organization’s operations, especially in the digital age. However, many organizations make common mistakes that expose them to cyberattacks and compromise their data and systems. To help organizations improve their cybersecurity posture, the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint […]
Patch your iPads and iPhones Today
Apple has released an emergency update for iOS and iPadOS to fix a zero-day vulnerability that was actively exploited to hack iPhones and iPads. The update also patches two other security flaws that could allow attackers to execute arbitrary code or access sensitive information. The zero-day vulnerability, tracked as CVE-2023-42824, affects the kernel component of […]