SecureWorld News

FEBRUARY 6, 2025

Grubhub recently confirmed a data breach stemming from a third-party vendor, exposing the ongoing risks associated with supply chain security. However, even seemingly limited breaches can have downstream effects, enabling phishing attacks and social engineering schemes. How did this happen?

Data breaches 93

Data breaches Accountability Social Engineering Risk 93

Malwarebytes

FEBRUARY 25, 2025

Employment screening company DISA Global Solutions has filed a data breach notification after a cyber incident on their network. Given the field that DISA is active in, that information could interest cybercriminals for use as background information for targeted phishing attempts or extortion. Check the vendors advice.

Data breaches 96

Data breaches Passwords Phishing Password Management 96

SecureWorld News

APRIL 28, 2025

The phishing game has evolved into synthetic sabotage a hybrid form of social engineering powered by AI that can personalize, localize, and scale attacks with unnerving precision. The quiet revolution of phishing-as-a-service (PhaaS) If you haven't noticed by now, phishing has gone SaaS. For phishing, this is a gold mine.

Phishing 102

Phishing Social Engineering Engineering Data breaches 102

Krebs on Security

JUNE 28, 2019

says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Office365 accounts to use multi-factor authentication. The move comes amid a noticeable uptick in phishing and malware attacks targeting CSP employees and contractors. As it happened, the PCM employee was not using multi-factor authentication.

Authentication 272

Authentication Accountability Data breaches Software 272

Thales Cloud Protection & Licensing

MAY 7, 2025

Phishing-Resistant MFA: Why FIDO is Essential madhav Thu, 05/08/2025 - 04:47 Phishing attacks are one of the most pervasive and insidious threats, with businesses facing increasingly sophisticated and convincing attacks that exploit human error.

Phishing 71

Phishing Authentication Passwords Social Engineering 71

eSecurity Planet

FEBRUARY 26, 2025

Cybercriminals are shifting their focus from emails to text messages, using mishing a more deceptive form of phishing to target mobile users and infiltrate corporate networks, according to new security research by Zimperium. Vishing: Also known as voice phishing. What is mishing? and 9%in Brazil.

Phishing 81

Phishing Mobile Social Engineering Data breaches 81

Hacker's King

DECEMBER 28, 2024

Data breaches and account hacks are a growing concern for users, especially with the personal and professional information shared on the platform. If youre worried about your Instagram account being hacked , it's essential to take proactive steps to protect your data. Revoke access to any app you no longer use or trust.

Data breaches 52

Data breaches Hacking Passwords Accountability 52

The Last Watchdog

JULY 24, 2023

Today, bad actors are ruthlessly skilled at cracking passwords – whether through phishing attacks, social engineering, brute force, or buying them on the dark web. In fact, according to Verizon’s most recent data breach report, approximately 80 percent of all breaches are caused by phishing and stolen credentials.

Authentication 245

Authentication Passwords Phishing Social Engineering 245

Webroot

APRIL 22, 2025

If a company you do business with becomes part of a data breach, cybercriminals may have full access to your confidential information. Unfortunately, data breaches are on the rise and affecting more companies and consumers than ever. billion people received notices that their information was exposed in a data breach.

Data breaches 72

Data breaches Identity Theft Passwords eCommerce 72

The Last Watchdog

JULY 14, 2022

Phishing itself is not a new or a particularly complicated threat. But the emergence of advanced phishing techniques – “DeepSea Phishing” – poses an entirely new challenge for enterprises. The financial impact of phishing attacks quadrupled over the past six years, with the average cost for U.S. companies rising to $14.8

Phishing 277

Phishing Education Cybersecurity Threat Detection 277

Malwarebytes

NOVEMBER 4, 2024

In a data breach notification filed by the Attorney General for the state of Maine, the cybersecurity incident that affected Columbus, Ohio impacted half a million people. Because of the data breach notification from Maine’s Attorney General, that number now has a little more clarity. Check the vendor’s advice.

Data breaches 113

Data breaches Passwords Ransomware Phishing 113

The Last Watchdog

AUGUST 19, 2021

The attacker claims to have compromised an end-of-lifed GPRS system that was exposed to the internet and was able to pivot from it to the internal network, where they were able to launch a brute force authentication attack against internal systems. Could be phished credentials. Could be weak application security practices.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Malwarebytes

APRIL 24, 2025

The tech giant may have used this data for targeted advertising, according to Blue Shield, which is one of the largest health insurers in the US. In a data breach notice on its website, Blue Shield says it had begun notifying certain members of a potential data breach that may have included elements of their protected health information.

Insurance 113

Insurance Data breaches Passwords Phishing 113

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 242

Phishing Passwords Hacking Internet 242

Malwarebytes

JUNE 1, 2024

Live Nation Entertainment has confirmed what everyone has been speculating on for the last week : Ticketmaster has suffered a data breach. For now, Ticketmaster users should keep an eye on their credit and bank accounts for an unauthorized transactions and follow our general data breach tips below. Take your time.

Data breaches 145

Data breaches Passwords Phishing Password Management 145

Malwarebytes

APRIL 8, 2025

By purchasing prominent Google Ads, they are creating highly convincing fake login pages designed to pilfer sensitive information, including usernames, passwords, and even one-time passcodes (OTPs) the keys to someone’s financial data needed for tax compliance.

Phishing 80

Phishing Scams Accountability Authentication 80

Malwarebytes

MAY 10, 2024

Dell is warning its customers about a data breach after a cybercriminal offered a 49 million-record database of information about Dell customers on a cybercrime forum. So, this is another big data breach that leaves us with more questions than answers. Enable two-factor authentication (2FA). Change your password.

Data breaches 142

Data breaches Passwords Phishing Big data 142

Thales Cloud Protection & Licensing

JANUARY 31, 2025

Level Up Your Security: Embrace Passkeys and Phishing-Resistant 2FA andrew.gertz@t Fri, 01/31/2025 - 15:17 Celebrate Change Your Password Day and 2FA Day by embracing passkeys and phishing-resistant 2FA. Learn why these modern security practices are essential for safer, stronger authentication. Passwordless authentication.

Phishing 62

Phishing Passwords Password Management Authentication 62

Malwarebytes

JULY 19, 2024

The Identity Theft Resource Center (ITRC) tracked 1,041,312,601 data breach victims in Q2 2024, an increase of 1,170% over Q2 2023 (81,958,874 victims). Because both of these breaches were announced/updated in the second quarter of 2024 they have a huge impact on the numbers. Enable two-factor authentication (2FA).

Data breaches 126

Data breaches Passwords Identity Theft Phishing 126

Krebs on Security

JUNE 15, 2024

.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS. A Scattered Spider phishing lure sent to Twilio employees.

Hacking 344

Hacking Cybercrime Phishing Passwords 344

Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices.

Mobile 342

Mobile Phishing Authentication Accountability 342

Malwarebytes

OCTOBER 8, 2024

Money transfer company MoneyGram has notified its customers of a data breach in which it says certain customers had their personal information taken between September 20 and 22, 2024. Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

Data breaches 121

Data breaches Identity Theft Passwords Phishing 121

Security Affairs

APRIL 15, 2024

Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers. ” reads the data breach notification send to the impacted individuals. date and time of the message, type of message, etc.).”

Data breaches 140

Data breaches Social Engineering Engineering Authentication 140

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Here’s a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database. TARGETED PHISHING. customers this month. Take a deep breath.

Passwords 363

Passwords Password Management Phishing Scams 363

Malwarebytes

AUGUST 27, 2024

The Texas Dow Employees Credit Union (TDECU) has filed a data breach notification , reporting that the data of 500,474 people has been accessed in an external system breach. Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

Data breaches 117

Data breaches Passwords Phishing Password Management 117

Malwarebytes

MAY 27, 2025

They often arrive via phishing emails, malicious websites, or bundled with cracked software. The stolen credentials fuel credential stuffing attacks (where an attacker uses reused logins stolen from one service to access another), account takeovers, identity theft, corporate espionage, and targeted phishing campaigns.

Identity Theft 145

Identity Theft Passwords Accountability Phishing 145

Malwarebytes

JANUARY 10, 2025

Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach. Every breach is different, so check with the vendor to find out whats happened, and follow any specific advice they offer. Enable two-factor authentication (2FA).

Ransomware 95

Ransomware Data breaches Passwords Phishing 95

Malwarebytes

MARCH 19, 2025

Sperm donor giant California Cryobank has announced it has suffered a data breach that exposed customers’ personal information. The data breach notification states that the breach occurred on April 20, 2024 and CCB discovered it on October 4, 2024. Enable two-factor authentication (2FA).

Banking 91

Banking Data breaches Computers and Electronics Insurance 91

Malwarebytes

DECEMBER 18, 2023

MongoDB said there is no evidence of unauthorized access to Atlas clusters since that would require compromise of the separate Atlas cluster authentication system. Scammers often try to take advantage of data breaches. Users are also advised to rotate database passwords and enable multi-factor authentication (MFA).

Data breaches 118

Data breaches Social Engineering Phishing Authentication 118

Malwarebytes

JULY 12, 2024

Back in March, AT&T confirmed that 73 million people had been affected in a breach that people had been speculating about for some time. Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach. Watch out for fake vendors.

Data breaches 144

Data breaches Passwords Phishing Password Management 144

Malwarebytes

MARCH 25, 2025

There are no changes to the way the company stores, manages, or protects customer data. In 2023, not only did the company suffer a major data breach , it also placed some of the blame on the victims who, according to 23andMe, negligently recycled and failed to update their passwords. Enable two-factor authentication (2FA).

Passwords 114

Passwords Accountability Data breaches Phishing 114

Malwarebytes

JANUARY 15, 2024

As is often the case these days, it turns out that the cyberincident was very likely a ransomware attack that included a data breach. Ransomware operators typically steal data from the compromised systems to use as extra leverage against the victim. The company has not so far specified the type of data that may have been stolen.

Data breaches 122

Data breaches Identity Theft Passwords Ransomware 122

Malwarebytes

JUNE 14, 2024

The online handle of the seller immediately raised the suspicion that this was yet another Snowflake related data breach. Post by Sp1d3r on breach forum The post also mentions Suntrust bank because Truist Bank arose after SunTrust Banks and BB&T (Branch Banking and Trust Company) merged in December 2019. .”

Data breaches 113

Data breaches Banking Passwords Phishing 113

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business 88

Small Business Cybersecurity Scams Passwords 88

Malwarebytes

FEBRUARY 14, 2025

Over the years Zacks has suffered a few data breaches. In 2023, data allegedly belonging to Zacks containing 8,615,098 records was leaked online. The most recent data in this database is from May 2020. This would be the 2nd (hacked back in 2020) major data breach for Zacks. Check the vendors advice.

Accountability 82

Accountability Data breaches Passwords Phishing 82

Malwarebytes

JULY 2, 2024

million people had been impacted by the resulting data breach. At first, Prudential said it believed only 36,000 people had had their data stolen, but that number has now been revised to 2.5 million in a new breach notification. Below are some general tips on what to do after you’ve fallen victim to a data breach.

Data breaches 117

Data breaches Identity Theft Passwords Phishing 117

Malwarebytes

MARCH 14, 2025

Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach. Every breach is different, so check with the vendor to find out whats happened, and follow any specific advice they offer. Enable two-factor authentication (2FA).

Passwords 86

Passwords Data breaches Phishing Password Management 86