Employee risk and third-party visibility continues to be a challenge
Attackers Run on Dunkin’s DD Perks Rewards
Credential-stuffing attack targets rewards points from DD Perks account holders.
NSA Exploits Not Silent but Eternally Problematic
Researchers discover a new family of injections dubbed EternalSilence.
Attackers Keen on Automated Browsers
Since its release in 2017, Headless Chrome has grown popular among DevOps and attackers.
US Indicts Two Iranians for SamSam Campaign Blitz
Three years of attacks caused $30m in losses for hospitals, cities and others
Elasticsearch Snafu Exposes Data on 82 Million Americans
Personal info was left publicly accessible for at least two weeks
Dell Admits Potential Breach in Early November
Attackers may have obtained names, emails and hashed passwords
Hacker Steals Crypto from Copay Wallet Apps
Attacker uses malicious code to gain legitimate access to JavaScript library EventStream.
US Lawmakers Propose Stopping Grinch Bots Act
Legislation would make the use of automated accounts to inflate online prices illegal.
2.65 Million Records Exposed in Atrium Health Breach
A third-party breach potentially exposed millions of patient records.