News

ShinyHunters claim to be behind SSO-account data theft attacks

Bys s January 24, 2026

Lawrence Abrams reports: The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. In these attacks, threat actors impersonate IT support and call employees, tricking them…

Source

News

Beware the Hidden Costs of Pen Testing
Bys s October 16, 2025

Penetration testing helps organizations ensure IT systems are secure, but it should never be treated in a one-size-fits-all approach. Traditional approaches can be rigid and cost your organization time and money – while producing inferior results. The benefits of pen testing are clear. By empowering “white hat” hackers to attempt to breach your system using…

Read More Beware the Hidden Costs of Pen Testing
News

NSW gov contractor uploaded Excel spreadsheet of flood victims’ data to ChatGPT
Bys s October 6, 2025

Ry Crozier brings us today’s installment of the “No Need to Hack When It’s Leaking” Files The victims of the breach are applicants to the Northern Rivers Resilient Homes Program, under which the government is offering to either buy back flood-prone homes, contribute to the cost of rebuilding, or to improve resilience such as by elevating……

Read More NSW gov contractor uploaded Excel spreadsheet of flood victims’ data to ChatGPT
News

12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
Bys s February 28, 2025

A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations alike, not to mention compounding the problem when LLMs end up suggesting insecure coding practices…

Read More 12,000+ API Keys and Passwords Found in Public Datasets Used for LLM Training
News

Why Ransomware Attacks Are Decreasing in 2025
Bys s August 11, 2025

Ogbonda Chivumnovu reports: It started like a domino effect. One by one, the biggest names in ransomware began to vanish in Q2. From LockBit, once considered the most active and resilient ransomware gang, its empire began to unravel under the pressure of global law enforcement. Then, almost in sequence, other major players, 8Base, RansomHub, and……

Read More Why Ransomware Attacks Are Decreasing in 2025
News

The High-Stakes Disconnect For ICS/OT Security
Bys s January 15, 2025

Why does ICS/OT need specific controls and its own cybersecurity budget today? Because treating ICS/OT security with an IT security playbook isn’t just ineffective—it’s high risk. In the rapidly evolving domain of cybersecurity, the specific challenges and needs for Industrial Control Systems (ICS) and Operational Technology (OT) security distinctly stand out from traditional IT security….

Read More The High-Stakes Disconnect For ICS/OT Security
News

Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro
Bys s October 2, 2025

Cybersecurity researchers have discovered two Android spyware campaigns dubbed ProSpy and ToSpy that impersonate apps like Signal and ToTok to target users in the United Arab Emirates (U.A.E.). Slovak cybersecurity company ESET said the malicious apps are distributed via fake websites and social engineering to trick unsuspecting users into downloading them. Once installed, both the…

Read More Warning: Beware of Android Spyware Disguised as Signal Encryption Plugin and ToTok Pro

Similar Posts