News
Latest cybersecurity news — hacks, breaches, vulnerabilities, regulatory moves
MGM Resorts Hack September 2023 — How a 10-Minute Phone Call to the Help Desk Cost $100M: Scattered Spider Anatomy
A ten-minute social-engineering phone call to MGM's help desk reset an employee password without verification, giving Scattered Spider the foothold for a…
Operation Cronos February 2024 — How NCA-Led International Action Took Down LockBit (Twice): Inside the Most Significant Ransomware Takedown
A multi-national law-enforcement operation seized LockBit's infrastructure, decryption keys, and admin panel — turning the most prolific ransomware operation's own leak site…
Change Healthcare Ransomware Attack 2024 — How a Single Compromise Disrupted 1/3 of US Healthcare Payments: $2.5B Impact Analysis
A single Citrix portal lacking MFA gave ALPHV/BlackCat ransomware access to Change Healthcare — the payment processor for one in three US…
Cosmos Bank SWIFT Heist 2018 — How North Korean Hackers Stole ₹94 Crore from an Indian Co-operative Bank: Anatomy of India’s Largest Bank Heist
Over a single weekend in August 2018, attackers used a malware-infected Cosmos Bank network to authorise fraudulent ATM withdrawals across 28 countries…
Kudankulam Nuclear Power Plant Cyberattack 2019 — DTrack Malware in India’s Critical Infrastructure: Anatomy of the Lazarus-Linked Intrusion
In October 2019, malware later attributed to North Korea's Lazarus Group was found in administrative networks at Kudankulam Nuclear Power Plant in…
3CX Supply Chain Attack 2023 — How North Korea Compromised a VoIP Vendor to Compromise 600,000 Customers: First Confirmed Double Supply-Chain Attack
A backdoored installer of 3CX VoIP software — itself compromised because 3CX engineers ran a backdoored Trading Technologies financial-trading app on company…
LastPass Breach Chain 2022 — How a Compromised Engineer’s Plex Server Cost Customers Their Encrypted Vaults: Anatomy & Lessons
Two breaches separated by months. The second compromised a senior engineer's home Plex server, then his keylogger-captured master password — exfiltrating LastPass's…
Microsoft Storm-0558 Attack 2023 — How a Stolen MSA Signing Key Gave China Read-Access to US State Department Email: Anatomy & Lessons
Chinese state-aligned threat actor Storm-0558 obtained a Microsoft consumer signing key, used a flaw in Microsoft's token validation to forge enterprise tokens,…
Okta Support System Breach 2023 — How Cookies Stolen from Customer-Service Sessions Led to BeyondTrust, Cloudflare, 1Password Compromises
A stolen Okta employee credential gave attackers access to Okta's customer support system. From there they harvested HAR files containing valid session…
23andMe Genetic Data Breach 2023 — How Credential Stuffing Plus DNA Relatives Feature Exposed 6.9 Million Profiles: Anatomy & Privacy Implications
Credential stuffing succeeded on 14,000 23andMe accounts — but the DNA Relatives feature meant attackers harvested the genetic data of approximately 6.9…