Unveiling the Underworld: Cyber Threats SMBs Shouldn’t Ignore in 2024
Source: Blue INK Security
Small and medium-sized businesses (SMBs) have become the prime targets of cyber threats. The evolution of technology brings unprecedented opportunities for growth and connectivity, but it also opens doors for malicious actors looking for exploiting vulnerabilities. Understanding the current cyber threat landscape is crucial for SMBs to safeguard their operations, data, and reputation.
China Says State-Backed Experts Crack Apple’s AirDrop
Source: Security Week
Chinese state-backed experts have found a way to identify people who use Apple’s encrypted AirDrop messaging service, according to the Beijing municipal government. AirDrop allows users to send content to Apple devices in close proximity without an internet connection, encoded so they cannot be viewed by other people.
Mandiant's X account hacked by crypto Drainer-as-a-Service gang
Source: Bleeping Computer
Cybersecurity firm and Google subsidiary Mandiant says its Twitter/X account was hijacked last week by a Drainer-as-a-Service (DaaS) gang in what it described as "likely a brute force password attack." "Normally, 2FA would have mitigated this, but due to some team transitions and a change in X's 2FA policy, we were not adequately protected. We've made changes to our process to ensure this doesn't happen again," the company said.
LoanDepot Hit by Ransomware Attack; Multiple Systems Offline
Source: Data Breach Today
Non-bank mortgage lending giant LoanDepot is warning customers and investors that hackers have infiltrated its network, gained unauthorized access to information and encrypted data, leading to it taking numerous systems offline while it probes the attack.
Fidelity National now says 1.3M customers had data stolen by cyber-crooks
Source: The Register
Fidelity National Financial now says criminals got hold of data belonging to 1.3 million customers after breaking into its IT network in November. The mortgage giant, which has assets totaling $74 billion and is one of the largest providers of title insurance and settlement services in the US, disclosed the "cybersecurity incident" in an 8-K filing with the SEC that same month.
DOJ Wraps xDedic Dark Web Market Case; 19 Charged Worldwide
Source: Data Breach Today
The U.S. Department of Justice announced Friday that it has wrapped up its investigation of the xDedic dark web marketplace and successfully dismantled the multinational criminal organizations, leading to charges against 19 individuals, ranging from administrators and site developers to buyers and customer service reps.