Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

January 2024

Identify Weak User Passwords With KnowBe4's Enhanced Weak Password Test

Passwords are part of every organization’s security risk profile. Just one weak password with access to an organization’s critical systems can cause a breach, take down a network or worse. Whether we like it or not, passwords are here to stay as a form of authentication. It’s why cybercriminals never stop looking for ways to hack into your network. If your users’ passwords can be guessed, they’ve made the bad actors’ jobs that much easier.

HP Enterprise Reveals It was hacked by the same Russians that broke into Microsoft

In a new SEC disclosure, Hewlett Packard Enterprise (HPE) announced on Wednesday that it fell prey to the same Russian intelligence group, known as Midnight Blizzard or Cozy Bear, that recently breached Microsoft's email system. This disclosure comes just a week after Microsoft reported a similar intrusion, putting the spotlight back on this notorious hacking group.

Underground Alliances: State-Sponsored Hacking & Ransomware Realities Unveiled | Razorthorn Security

Uncover the covert world of state-sponsored hacking in our latest video. Explore how decent hacking groups showcase their skills, often in the realm of ransomware, to secure sponsorships through discreet back channels. These partnerships, sometimes with organizations linked to government-affiliated entities, provide the green light to target perceived adversaries. Has the spotlight dimmed on these activities? Quite the contrary – it's expanding.

Russian Hackers Win Big: Microsoft's Senior Exec Team Emails Breached

In a Friday regulatory filing, Microsoft has reported that its corporate email accounts were compromised by a Russian state-sponsored hacking group known as Midnight Blizzard, also identified as Nobelium or APT29. Microsoft's disclosure aligns with new U.S. requirements for reporting cybersecurity incidents. The attack was detected on January 12th, 2024, but it appears to have started in November 2023.

What Is Hacktivism?

Not every cybercrime is about, well, the crime. In fact, some attacks are designed to draw attention to a cause, not stolen data or paydays. Social activism has been around forever. Today, it can manifest in the physical world, of course, and increasingly we see social activism in the digital world, too, ranging from minor activist activities all the way to high-profile cybercrime incidents.

Why Do Hackers Want Medical Records?

Hackers want stolen medical records to commit identity theft, use the stolen data as a ransom, sell it on the dark web or impersonate the victim to receive medical services. Medical records are valuable to cybercriminals as they allow cybercriminals to commit fraud and go undetected longer than they can with other Personally Identifiable Information (PII).

What To Do if Your Online Accounts Keep Getting Hacked

If your online accounts keep getting hacked, you should scan your computer for malware, update your account passwords, enable MFA, check your account’s settings for suspicious changes, change your account’s security questions and place a fraud alert on your credit report. Continue reading to learn the signs that point to your online account being hacked, steps to take when your account is hacked and how to prevent your account from being hacked again.

Decoding ethical hacking: A comprehensive exploration of white hat practices

In era of digital devices, where the specter of data breaches and cyber threats looms large, the role of ethical hackers, colloquially known as white hat hackers, has become paramount. This article embarks on an in-depth journey into the realm of ethical hacking, illuminating its profound significance in identifying vulnerabilities and fortifying the intricate tapestry of overall cybersecurity.

Google Dorking: An Introduction for Cybersecurity Professionals

Google Dorking, also known as Google Hacking, is a technique using sophisticated search queries to uncover information on the internet not easily accessible through typical search queries. It leverages the capabilities of Google’s search algorithms to locate specific text strings within search results.

Fueling Chaos: Hacker Group Grinds 70% of Iran's Gasoline System to a Halt

The Iranian government has made the claim that a cyber threat group, identified as Gonjeshke Darande or "Predatory Sparrow" in Persian, is linked to Israel and has taken responsibility for the disruption of gasoline pumps throughout Iran on December 18, 2023. Gonjeshke Darande’s (Predatory Sparrow) Telegram channel statement claiming an attack against Iranian gas pumps. In many instances, statements and claims of this nature often prove to be unsubstantiated.