Security | Threat Detection | Cyberattacks | DevSecOps | Compliance



ShinyHunters suspect extradited to United States from Morocco, could face 116 years in jail if convicted

A 22-year-old suspected of being "Seyzo", a member of the ShinyHunters cybercrime gang, has been extradited from Morocco to the United States, where - if convicted - he could face up to 116 years in prison. Sebastien Raoult, a French national, was arrested at Rabat international airport in Morocco on May 31 2022, while trying to take a flight to Brussels.


Predicting which hackers will become persistent threats

Websites are central to business operations but are also the target of various cyber-attacks. Malicious hackers have found several ways to compromise websites, with the most common attack vector being SQL injection: the act of injecting malicious SQL code to gain unauthorized access to the server hosting the website. Once on the server, the hacker can compromise the target organization's website, and vandalize it by replacing the original content with content of their own choosing.


How Did Red Cross Get Hacked?

The January 2022 International Committee of the Red Cross (ICRC) data breach was caused by an unpatched critical vulnerability in the Single Signe-In tool developed by Zoho, a business software development company. After exploiting the vulnerability (tracked as CVE-2021-40539), the cybercriminals deployed offensive security tools to help gain access to ICRC's contact database, resulting in the compromise of more than 515,000 globally.


How Did Kaseya Get Hacked?

The Kasya ransomware attack occurred through the exploitation of CVE 2021-30116, an authentication bypass vulnerability within Kaseya VSA servers. This allowed the hackers to circumvent authentication controls and executive commands via SQL injection, giving them all the control they needed to deploy their ransomware payload and encrypt a segment of Kaseya's internal data.


The Ethical Hacking Guide: Hacking for Security

Companies are under more threat than ever. The rise in cyber threats is alarming: 2021 saw a 30% increase in cyberattacks compared with 2020. Even sophisticated systems with complex countermeasure technologies for security may be vulnerable to attack. Many organizations turn to hackers to counteract these threats. Ethical hackers use the tools and methods of malicious actors to help companies pinpoint their weaknesses and build a more resilient and secure system.

Twitter Hack: How to Scrape Sensitive Data

Many past social media breaches resulted from scraping. Most recently, a hacker scraped over 400 million records from Twitter. And it’s only a matter of time before another data breach occurs using the same technique. In this blog, I’ll explain how hackers scraped those user records from Twitter and how to mitigate these attacks.


The 7 Most Significant Hacks of 2022

At SecurityScorecard, we like to look ahead and focus on the future. However, the past can also teach us some valuable lessons, particularly in cybersecurity. 2022 was quite an eventful year in the space, with many high-profile attacks, including full-blown cyber warfare. Out of all threats we saw this past year, a few stood out. This article will cover seven of the most dangerous cyber threats of 2022, in no particular order.


How To Keep Your Business Prepared for this Holiday Hacking Season?

Holidays are around the corner, and so are the hackers. They are waiting for your relaxed mindset and reduced staff coverage. For instance, 89% of organizations reportedly experienced holiday ransomware attacks. Of these, 36% had no contingency plans, causing significant damage. Also, there is an increased risk of online fraud and phishing attacks. Scammers targeted 75% of Americans with at least one form of holiday fraud in 2021. Have you taken any steps to protect your business?

noname security

Tomorrow's Wordle Is "PWNED"!

Like many competitive families around the world, my family became avid Wordle players shortly after it was released. Then one day out of nowhere, Grandma announced an ironclad approach for consistent success. She explained that by using two devices, you could solve the puzzle on one, and use the other device to submit the winning solution with fewer tries. This would almost guarantee a victory over the rest of the family.