Airbus Data Breach: Hackers Leak Confidential Documents Online

Airbus, the European aerospace giant, has launched an investigation after a hacker leaked confidential data online. The data breach affected the company’s commercial aircraft division and exposed sensitive information such as technical specifications, contracts, invoices, and customer lists. The hacker, who goes by the name of “Aeroboi”, claimed to have accessed the Airbus network through […]

How scammers use social media platforms like Meta to lure and rob unsuspecting victims

Social media platforms like Meta, formerly known as Facebook, have become a gold mine for phishing scams that target ordinary people and trick them into giving up their personal and financial information. These scams often use fake profiles, messages, and ads that impersonate celebrities, influencers, or friends to lure unsuspecting victims into clicking on malicious […]

How to Secure Your SaaS Business in 7 Easy Steps

SaaS (Software as a Service) is a popular business model that allows customers to access software applications over the internet. However, SaaS providers face many security challenges, such as data breaches, ransomware attacks, compliance issues, and insider threats. To protect their customers and reputation, SaaS providers need to implement a robust security strategy that covers […]

MGM Resorts Shut Down by Cyberattack

MGM Resorts, one of the largest hotel and casino operators in the world, has been hit by a cyberattack that forced it to shut down its IT systems on Monday. The company said it was working to restore normal operations as soon as possible, but did not provide any details on the nature or extent […]

Risk management is no longer an ignorable option for smaller organizations

Risk management is often seen as a complex and costly process that is only suitable for large organizations. However, this is a misconception that can put smaller companies at a disadvantage in today’s dynamic and uncertain business environment. Smaller companies face many of the same risks as larger ones, such as cyberattacks, natural disasters, regulatory […]

Microsoft’s email signing key breach: What happened and why it matters

Microsoft has revealed how a group of Chinese hackers, dubbed Storm-0558, managed to steal one of its email signing keys and use it to compromise the accounts of several US government officials and diplomats. The breach, which occurred in April 2021, was part of a targeted espionage campaign that aimed to access the unclassified emails […]

Special Sunday Bulletin for My Fellow Cybersecurity Colleagues

North Korea has a notorious reputation for launching cyberattacks against various countries and organizations. But did you know that they are also targeting the cybersecurity community itself? That’s right, North Korean hackers have been using a zero-day exploit in an unspecified software package to compromise the machines of security researchers. The hackers use social media […]

Iranian Hackers Target US Aeronautical Organization via Zoho and Fortinet Flaws

Summary Background The US Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory on September 8, 2023, warning that multiple nation-state actors are exploiting security flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to gain unauthorized access and establish persistence on compromised systems. The advisory was based on an incident response engagement […]

Fraud-as-a-service platform that targets banks and other brands

ClassiCam, a fraud-as-a-service platform that targets banks and other brands, has expanded its operations to include more than 250 victims worldwide. The platform, which uses deepfake technology to create realistic videos of people performing fraudulent transactions, has been operating since 2019 and has reportedly generated over $1.5 million in revenue. According to a report by […]

CISA warning: Nation-state hackers are targeting critical infrastructure

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to the public and private sector about a new wave of cyberattacks from nation-state actors that target critical infrastructure. The attacks are part of a broader campaign that aims to disrupt, damage, or destroy critical infrastructure systems and services. The CISA warning states that […]