From Uber in 2016 to Okta in 2023 to Sisense in 2024, it’s evident that there’s a pattern behind the tech industry’s most devastating breaches: Data sprawl. Let’s dive into how data sprawl played a part in last week’s Sisense breach, as well as how security teams can be proactive in defending against similar attacks.

Cloud computing has gained traction in recent years due to its ease of scalability, flexibility, and efficiency. It allows businesses to accelerate innovation and spend less in meeting client or consumer demands. With several businesses migrating their operations to the cloud, cloud computing has become the technology of choice as it becomes more readily accessible and affordable.

Airbnb has brought a new paradigm to the hospitality industry. It has become the go-to platform for persons looking to make additional income with their properties and travelers looking for unique accommodation experiences away from home. However, this new model and its appeal have also attracted individuals looking to exploit the platform for fraud. Scams on Airbnb are becoming increasingly common, as both hosts and guests are not left out from becoming targets.

Identity theft and card fraud are the main concerns associated with using debit and credit cards. Like any financial instrument, credit and debit cards are susceptible to certain security threats that can compromise cardholders' information and lead to credit card fraud or debit card fraud. Common examples of such financial security threats include card theft, phishing, skimming, malware, card cloning, vishing, weak passwords/PINs, and social engineering.

In April of 2024, the FBI released a warning that threat actors are sending SMS phishing, also known as smishing, messages to individuals pretending to be toll road operators messaging about unpaid toll fees. This kind of attack is a common one, and targets more than just individuals –— think the MGM resorts breach of 2023 that started with a phishing call to an IT professional and ended up costing the casino millions.

In the ever-evolving landscape of cybersecurity threats, the recent breach by the notorious hacker group R00TK1T serves as a stark reminder of the vulnerabilities faced by even the most established organizations. As the Foresight Threat Team delves into the details of this alarming incident, it becomes imperative to shed light on the implications and lessons to be learned from this breach.

Analysis of cyber attacks targeting U.K. organizations highlights the effectiveness of social engineering attacks and the fact that businesses are missing the mark on how to stop it. The U.K. Government just released their Cyber Security Breaches Survey 2024 where they asked U.K. businesses and charities about their experiences with cyber attacks and breaches, their preparedness plans, response plans and the impacts of the attacks. According to the survey results, half (50%) of all U.K.

A hacker known as "IntelBroker" has purportedly breached Space-Eyes, a geospatial intelligence firm, potentially exposing sensitive US national security data. Authorities are currently investigating the claim, recognizing the potential ramifications it could have on critical government operations.

Sensitive personal data is among the most valuable information attached to us; it’s so valuable that there are international regulations for its maintenance, storage, and management. It is data that contains essential details about us, like Social Security Numbers (SSNs), bank accounts, tax IDs, health insurance data, and all the other “unique-to-one” credentials.

After attackers accessed around 591,000 customer accounts this year, Roku is making 2FA mandatory. Over two separate incidents, the first affecting 15,363 accounts and the second affecting roughly 576,000. In these cases, the attackers used the accounts to purchase streaming subscriptions and hardware stored in users accounts, the company has confirmed.