Latest

WhatsApp Data Breach: 500 million Phone Numbers On Sale

A threat actor is claiming that is selling 487 million WhatsApp user phone numbers through a hacking community forum, according to a report by Cybernews. The report claims that the threat actor is selling the US dataset for $7,000, while the cost...

APT Group Targeting Governments Worldwide

According to cyber security researchers from Trend Micro, state-financed Chinese hackers have launched a spear phishing campaign to launch bespoke malware stored within Google Drive to international government, academic, and research organizations. The Earth Preta APT Group APT group Earth Preta (aka Mustang...

Interpol Seizes Over $129 Million and Arrests Almost 1000 Suspects

In an operation lasting over five months, from the 28th of June to the 23rd of November, Interpol arrested almost 1000 suspects, seized $129,975,440 worth of virtual assets and almost 2,800 bank and virtual accounts linked to the investigated crimes were...

Articles

Attacks & Breaches

Data Breaches Reach All-Time High

According to a new IBM security report, the global average cost of data breaches reached $4.35 million in 2022 which is an all time high, following the cost of $4.24 million in 2021. The annual report was conducted by Ponemon Institute and...

Hacker claims to have obtained data of 1 billion Chinese citizens

Even though China has vowed to improve the protection of online user data, instructing their tech companies to ensure safe storage of information, a hacker claims to have obtained data of 1 billion Chinese citizens. ChinaDan in Breach Forums This is an unconfirmed...

Cyberattack Crashes Israeli Government Websites

Users unable to reach sites with gov.il extension for an hour, as National Cyber Directorate reportedly declares state of emergency over incident. Communications Minister Yoaz Hendel held an assessment with officials due to the “broad cyberattack” on government websites, a statement from...

Email Which Claims to Come from Saudi Aramco Delivers Malware

MalwareBytes research team found a targeted email campaign carrying two attachments, a pdf file and an excel file. The email pretends to come from Saudi Aramco, a Saudi Arabian public petroleum and natural gas company, and one of the largest companies in...

Retailer Blames Third-Party for the Data Breach of More than 100,000 Payment Cards

Beauty product retailer Acro revealed that customers of two of its websites were impacted, exposing more than 100,000 payment cards. The attack compromised the "Three Comsetics" and "Amplitude" websites and 89,295 and 103,935 credit card details were exposed respectively. The stolen data...

Popular

Five Penetration Testing Frameworks and Methodologies

Pentesting aims to evaluate information security measures through the eyes of a potential attacker with the aim of testing the effectiveness of security controls. A security practitioner tasked with penetration...

How to Become a Cybersecurity Expert

Cybersecurity has become increasingly popular in the last decade. It has seen great interest from technical and non-technical people wanting to take their opportunity in the field. Security breaches...

Defense in Depth – The Layered Approach to Cybersecurity

Defense In Depth is a common terminology in modern-day cybersecurity practices. It is a strategy that employs a series of mechanisms, also known as controls, to stop an attack...

Learning Resources

How to Become a Cybersecurity Expert

Cybersecurity has become increasingly popular in the last decade. It has seen great interest from technical and non-technical people wanting to take their opportunity in the field. Security breaches...

A List of Tools to Help you Detect the Log4j Vulnerability

How can you detect the Log4j zero day vulnerability (known as Log4shell)? Here’s a list of FREE Log4j vulnerability scanner tools. Amazon Inspector and AWS The Amazon Inspector team has created coverage for...

Free and Essential Security Tools You Should Already Be Using

Whether you are on the offensive or the defensive side of cybersecurity, there are open-source tools that are free to use and are essential to help you attack or...

Penetration Testing

Five Penetration Testing Frameworks and Methodologies

Pentesting aims to evaluate information security measures through the eyes of a potential attacker with the aim of testing the effectiveness of security controls. A security practitioner tasked with penetration...

A List of Tools to Help you Detect the Log4j Vulnerability

How can you detect the Log4j zero day vulnerability (known as Log4shell)? Here’s a list of FREE Log4j vulnerability scanner tools. Amazon Inspector and AWS The Amazon Inspector team has created coverage for...

Free and Essential Security Tools You Should Already Be Using

Whether you are on the offensive or the defensive side of cybersecurity, there are open-source tools that are free to use and are essential to help you attack or...