The phishing-as-a-service kit from Sneaky Log creates fake authentication pages to farm account information, including two-factor security codes.
The phishing-as-a-service kit from Sneaky Log creates fake authentication pages to farm account information, including two-factor security codes.
Cybercriminals are becoming increasingly sophisticated, agile, and fast. For managed service providers (MSPs) supporting small and medium-sized businesses (SMBs) with cybersecurity services, staying ahead of these adversaries is crucial. One of the most effective ways to do so is through round-the-clock threat hunting. In this blog, we’ll explore why constant threat hunting is essential, the […]
The post Why MSPs need proactive, 24/7 threat hunting appeared first on Webroot Blog.
A private key, also known as a secret key, is a variable in cryptography used with an algorithm to encrypt […]
Our upcoming Security Onion 2.4.120 release includes CyberChef 10.19.4! Security Onion 2.4.120 is coming soon!
In July 2024, a threat actor gained access to the hotel management platform Otelier and retrieved customer data from well-known hotel brands including Marriott, Hilton, and Hyatt. The data included 437k customer email addresses (a further 868k generated email addresses from the booking.com and Expedia platforms were not loaded into HIBP), names, physical addresses, phone numbers, booking information related to travel plans, purchases recorded by the platform and in a small number of cases, partial credit card data. The data was provided to HIBP by a source who requested it be attributed to “ayame@xmpp.jp”.
In July 2024, MSI inadvertently exposed hundreds of thousands of customer records related to RMA claims that were subsequently found to be publicly accessible. The data included 250k unique email addresses alongside names, phone numbers, physical addresses and warranty claims. When contacted about the incident, MSI advised that “there is no evidence the information was ever accessed” and that “the security incident we had did not trigger state data breach notification obligations” due to the absence of “(social security number, driver’s license number….etc)”.
Our upcoming Security Onion 2.4.120 release includes a new MSI option for deploying the Elastic Agent to your Windows endpoints! […]
In January 2025, a data breach from the Columbian website for Le Coq Sportif was posted to a popular hacking forum. The data included almost 80k unique email addresses with the breach dating back to May 2023. Impacted data included physical and IP addresses, names, purchases, genders, dates of birth and bcrypt password hashes. The data was provided to HIBP by a source who requested it be attributed to “oathnet.ru”.
AI cloning and deepfakes rank among the top challenges for Australian cybersecurity professionals in 2025.
The proposed mandate intends to discourage criminals from targeting critical national infrastructure and public services, as there will be no financial motivation.