Krebs on Security

NOVEMBER 9, 2024

It is not uncommon to see fake EDR vendors claim the ability to send data requests through Kodex, with some even sharing redacted screenshots of police accounts at Kodex. Matt Donahue is the former FBI agent who founded Kodex in 2021. How are cybercriminals typically gaining access to police and government email accounts?

Hacking 278

Hacking Accountability Government Social Engineering 278

The Hacker News

JULY 13, 2022

Microsoft on Tuesday disclosed that a large-scale phishing campaign targeted over 10,000 organizations since September 2021 by hijacking Office 365's authentication process even on accounts secured with multi-factor authentication (MFA).

Phishing 107

Phishing Authentication Account Security Accountability 107

Security Affairs

OCTOBER 8, 2021

Google warned more than 14,000 Gmail users that they have been the target of nation-state spear-phishing campaigns. Shane Huntley, the head of the Threat Analysis Group (TAG), wrote on Twitter that his group had sent an above-average batch of government-backed security warnings. . ” Huntley added. “At

Phishing 108

Phishing Government Hacking Accountability 108

SecureWorld News

SEPTEMBER 18, 2024

In recent years, several high-profile breaches have raised concerns about the security of customer data. Some notable cyber incidents in the past half-decade include: McDonald's (2021): The fast-food giant suffered a data breach that exposed customer and employee information in South Korea and Taiwan. Subway U.K. As PCI DSS 4.0

Cybersecurity 117

Cybersecurity Data breaches Accountability Passwords 117

Hacker Combat

SEPTEMBER 6, 2021

SEC penalized Cambridge Investment Research because more than 121 of their email accounts were hacked between 2018 January and 2021 July. SEC reiterated that Cambridge Investment Research discovered the first breach in 2018 January but took no action to boost email account security until 2021. .

Accountability 125

Accountability Hacking Financial Services Data breaches 125

Malwarebytes

SEPTEMBER 7, 2023

Controls for Microsoft employee access to production infrastructure include background checks, dedicated accounts, secure access workstations, and multi-factor authentication using hardware token devices. It starts with a crash in a consumer signing system in 2021.

Authentication 140

Authentication Accountability Government Passwords 140

Google Security

FEBRUARY 13, 2023

Our approach to multi-factor authentication – one of the most important controls to defend against phishing attacks – provides a great example. Since 2021, we’ve turned on 2-Step Verification (2SV) by default for hundreds of millions of people to add an additional layer of security across their online accounts.

Government 90

Government Architecture Technology Software 90