Month: August 2023

In August 2023, CERT Poland observed a phishing campaign that collected credentials from 68k victims. The campaign collected email addresses and passwords via a phishing email masquerading as a purchase order confirmation. CERT Poland identified a further 202 other phishing campaigns operating on the same C2 server, which has now been dismantled.

In January 2020, the online clothing retailer Pampling suffered a data breach that exposed 383k unique customer email addresses. The data was later shared on a popular hacking forum and also included usernames and unsalted MD5 password hashes. Pampling did not respond to multiple attempts to disclose the breach.

In August 2023, PlayCyberGames which “allows users to play any games with LAN function or games using IP address” suffered a data breach which exposed 3.7M customer records. The data included email addresses, usernames and MD5 password hashes with a constant value in the “salt” field. PlayCyberGames did not respond to multiple attempts to disclose the breach.

SANS Institute offers these key courses to help security awareness and culture professionals develop in their careers.

Learn various methods to find OSINT resources and communities, figure out how to practice techniques and build your skillset, and learn how you can get a job in OSINT.