accounts
-
Blog
Washington Post’s email system hacked, journalists’ accounts compromised
Email accounts of several Washington Post journalists were compromised in a cyberattack believed to have been carried out by a foreign government. The incident was discovered on Thursday evening and the publication started an investigation. On Sunday, June 15, an internal memo was sent to employees, informing them of a “possible targeted unauthorized intrusion into their email system.” According to The…
Read More » -
Blog
Password-spraying attacks target 80,000 Microsoft Entra ID accounts
Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. The campaign started last December and has successfully hijacked multiple accounts, say researchers at cybersecurity company Proofpoint, who attribute the activity to a threat actor called UNK_SneakyStrike. According to the researchers, the peak of the campaign happened on January…
Read More » -
Blog
McLean Mortgage notifies 30K people of data breach that compromised SSNs, financial accounts
McLean Mortgage Corporation yesterday confirmed it notified 30,453 people of an October 2024 data breach that compromised names, Social Security numbers, driver’s license numbers, and financial account numbers. Ransomware gang Black Basta took credit for the attack in November 2024, when it gave McLean one week to pay an undisclosed amount in ransom. To prove its claim, Black Basta posted…
Read More » -
Blog
OpenAI is clamping down on ChatGPT accounts used to spread malware
OpenAI has taken down a host of ChatGPT accounts linked to state-sponsored threat actors as it continues to tackle malicious use of its AI tools. The ten banned accounts, which have links to groups in China, Russia, and Iran, were used to support cyber crime campaigns, the company revealed late last week. “By using AI as a force multiplier for…
Read More » -
Blog
Google patched bug leaking phone numbers tied to accounts
A vulnerability allowed researchers to brute-force any Google account’s recovery phone number simply by knowing a their profile name and an easily retrieved partial phone number, creating a massive risk for phishing and SIM-swapping attacks. The attack method involves abusing a now-deprecated JavaScript-disabled version of the Google username recovery form, which lacked modern anti-abuse protections. The flaw was discovered by security…
Read More » -
Blog
100,000 accounts have been hit in a HMRC scam campaign, but the tax office says it wasn’t hacked – here’s why
The UK’s tax revenue service has lost £47 million in a breach that started last year and impacted 100,000 people. The HMRC told the treasury select committee yesterday that the account scam was the result of “organized crime” that set up PAYE, or ‘Pay As You Earn’, accounts for individual taxpayers and used them to claim refunds. “This was organized…
Read More » -
Blog
Prepping your gadgets, accounts, and apps for an overseas move
Moving is stressful at the best of times, and while moving to a new country is exciting, it also adds a layer of logistical complications, especially when it comes to tech. As someone who’s tackled several international moves — most recently, from my native Australia to the US in mid-2023 — here are some tips for figuring out what to…
Read More » -
Blog
Payne County, OK Sheriff confirms ransomware attack, tells residents to protect accounts
The Payne County Sherriff’s Office in Oklahoma this week confirmed it was hit by a ransomware attack last month. One June 3, 2025, the Sheriff’s Office announced that anyone who filed a report prior to May 15 should monitor their credit reports and bank accounts, issue fraud alerts, and change passwords. “The cyberattack has had no impact on the office’s…
Read More » -
Blog
Hackers target Salesforce accounts in data extortion attacks
Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organization’s Salesforce platforms. According to Google’s Threat Intelligence Group (GTIG), which tracks the threat cluster as ‘UNC6040,’ the attacks target English-speaking employees with voice phishing attacks to trick them into connecting a modified modified version of Salesforce’s Data…
Read More » -
Blog
A cybersecurity researcher just discovered a treasure trove of leaked accounts: More than 184 million logins were readily available online, with Google, Meta, and Apple users affected
A cybersecurity researcher has uncovered a mysterious, publicly accessible database containing millions of login credentials from services including Facebook, Apple, and Microsoft. The publicly exposed database was not password-protected or encrypted, and contained more than 184 million unique logins and passwords, adding up to 47.42GB of raw credential data. The data included emails, usernames, passwords, and the URL links to…
Read More »