Chinese State Hackers Exploit Zero-Day Vulnerabilities in Citrix Networking Equipment
According to the National Security Agency, actors backed by the Chinese government are actively targeting a zero-day vulnerability in two commonly-used Citrix networking devices. The exploit (CVE-2022-27518) affects Citrix ADC, an...
Beware of Luna Moth Callback Phishing Scam
Palo Alto’s Unit 42 recently issued a threat assessment alert outlining a new phishing scam that is unique and successful. The scam is believed to be carried out by the Luna...
Killnet Takes Credit for Disabling State Websites
Killnet, a Russian-speaking hacking group that emerged shortly after Russia invaded Ukraine, took responsibility last week for deploying a denial-of-service attack that temporarily took several U.S. states’ websites offline. Although reported...
Hackers Experimenting with Deploying Destructive Malware
It’s a cold, hard fact that hackers don’t really care about their victims or their victims’ data or business. They are greedy, evil human beings that just want the money. The...
Hackers Caused a Traffic Jam in Moscow
Hackers caused a massive traffic jam in Moscow by exploiting the ride-sharing app Yandex Taxi and using it to summon dozens of taxis to a single location. While Yandex has not...
Password Manager LastPass Admits to Hack
Password manager LastPass, reportedly used by more than 33 million users, recently announced that it was hacked, and although it reports that no passwords of users were compromised in the incident,...
Privacy Tip #343 – The Pros and Cons of Password Managers
With the recent announcement by LastPass that it was hacked, and source code was compromised (LastPass is reporting that no passwords were compromised) [view related post], I thought it timely to...
Mediant Communications Settles Data Breach Class Action Lawsuit
Last week, Mediant Communications Inc. (Mediant) settled a class action lawsuit in the U.S. District Court for the Southern District of New York stemming from a 2019 data breach in which...
Russian Government Officials Charged with Hacking U.S. Energy Infrastructure
The U.S. Department of Justice (DOJ) unsealed indictments against four Russian government officials on March 24, 2022, alleging that they hacked into networks that controlled energy systems in the U.S. According...
FTC Files Suit Against CafePress for “Data Breach Cover Up”
The Federal Trade Commission (FTC) issued a press release on March 15, 2022, stating that it was taking action against CafePress “over allegations that it failed to secure consumers’ sensitive personal...