https://www.scmagazine.com/topic/identity
SCM feed for Identity
2024-03-29T05:49:01+00:00
https://files.scmagazine.com/logo/scm-horizontal-white-with-resource.png
Copyright © 2024 CyberRisk Alliance, LLC All Rights Reserved
tag:www.scmagazine.com:post,709826
'Darcula’ phishing platform targets postal organizations worldwide
2024-03-28T13:38:53-04:00
Steve Zurier
https://www.scmagazine.com/contributor/steve-zurier
<p>Netcraft researchers say the Chinese-language PhaaS platform targeted postal organization in more than 100 countries, including USPS. </p>
2024-03-28T13:38:40-04:00
tag:www.scmagazine.com:post,709762
Unsecured server exposes RentGo data
2024-03-28T09:12:57-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Major Turkish car rental service provider Rent Go had data from more than 161,000 customers exposed due to an unsecured Azure Blob Storage instance, reports Cybernews.</p>
2024-03-28T09:12:52-04:00
tag:www.scmagazine.com:post,709550
Apple ID ‘push bombing’ scam campaign hits cyber startup founders
2024-03-27T16:11:56-04:00
Laura French
https://www.scmagazine.com/contributor/laura-french
<p>Attackers trigger hundreds of password reset prompts in an attempt to take over iCloud accounts. </p>
2024-03-27T16:08:30-04:00
(Credit: CDPiC - stock.adobe.com)
tag:www.scmagazine.com:post,709478
Nearly $10M in fines imposed on robocaller
2024-03-27T12:19:17-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>The U.S. Department of Justice announced that Idaho and Montana resident Scott Rhodes was fined $9.9 million for conducting thousands of "illegal and malicious" robocalls, or automated phone calls, with disturbing pre-recorded messages across the U.S., BleepingComputer reports.</p>
2024-03-27T10:49:09-04:00
tag:www.scmagazine.com:post,709440
Snapchat user traffic reportedly subjected to secret Facebook surveillance
2024-03-27T10:11:28-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>TechCrunch reports that Facebook was revealed to have covertly conducted Snapchat network traffic interception and decryption since 2016 as part of the initiative dubbed "Project Ghostbusters" that sought to bolster user behavior analysis and better compete with the instant messaging app.</p>
2024-03-27T10:11:23-04:00
tag:www.scmagazine.com:post,709435
Nearly 2K Shopify stores' data exposed by plugins
2024-03-27T09:59:51-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>More than 1,800 stores on major e-commerce platform Shopify using Saara's EcoReturns and WyseMe plugins had 25 GB of data exposed due to the developer's misconfigured MongoDB database, according to Cybernews.</p>
2024-03-27T09:59:46-04:00
tag:www.scmagazine.com:post,709425
Separate breaches impact California state, local agencies
2024-03-27T09:39:31-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Cybernews reports that the California Department of Food and Agriculture had individuals' sensitive and personal information leaked to "external users" following the compromise of its external Plant Health and Pest Prevention website discovered earlier this month.</p>
2024-03-27T09:39:26-04:00
tag:www.scmagazine.com:post,709080
New Tycoon 2FA PhaaS kit examined
2024-03-26T07:33:53-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Microsoft 365 and Gmail accounts have been increasingly targeted with attacks leveraging the new Tycoon 2FA phishing-as-a-service kit.</p>
2024-03-26T07:33:49-04:00
tag:www.scmagazine.com:post,708895
Vans, North Face parent downplays cyberattack
2024-03-25T12:32:17-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>U.S. global apparel and footwear company VF Corporation, which owns Vans, The North Face, and Supreme, emphasized that the December cyberattack that impacted data from 35.5 million customers did not include any bank information or credit card details, The Register reports.</p>
2024-03-25T12:32:11-04:00
tag:www.scmagazine.com:post,708887
Exposed AT&T data's veracity further proven as telco insists no compromise
2024-03-25T12:28:49-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>TechCrunch reports that data allegedly stolen from AT&T three years ago that contained information from 73 million subscribers was confirmed to be authentic by Have I Been Pwned? administrator Troy Hunt after matching the exposed details with purportedly impacted AT&T customers.</p>
2024-03-25T12:28:44-04:00
tag:www.scmagazine.com:post,708616
UN resolution on AI encourages measures against malicious use
2024-03-25T16:21:39-04:00
Laura French
https://www.scmagazine.com/contributor/laura-french
<p>The U.S.-led global guidance notes the need for vulnerability management and data protection.</p>
2024-03-22T16:30:23-04:00
(Credit: LT - stock.adobe.com)
tag:www.scmagazine.com:post,708488
US airlines' data security, privacy policies to be under federal review
2024-03-22T07:21:28-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Investigation into the major U.S. airlines' data security and privacy policies has been introduced by the Department of Transportation in a bid to determine potentially unfair data monetization and sharing with third parties as part of the Biden administration's efforts to bolster consumer privacy.</p>
2024-03-22T07:21:23-04:00
tag:www.scmagazine.com:post,707970
Suspected hackers apprehended in Ukraine, guilty plea entered by Lifelock hacker
2024-03-20T12:05:24-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Three Ukrainians suspected of being behind the compromise of over 100 million email and Instagram accounts worldwide have been arrested by the Cyber Police of Ukraine.</p>
2024-03-20T12:05:19-04:00
tag:www.scmagazine.com:post,707969
Moldovan E-Root Marketplace admin faces imprisonment
2024-03-20T12:03:39-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Over 350,000 compromised credentials have been peddled in the E-Root Marketplace.</p>
2024-03-20T12:03:33-04:00
tag:www.scmagazine.com:post,707968
More countries join international spyware combating effort
2024-03-20T12:03:24-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Ireland has been a notable addition to the alliance being the headquarters of U.S.-sanctioned spyware firms Intellexa Limited and Thalestris Limited, while the inclusion of Japan and South Korea would help expand the partnership in Asia.</p>
2024-03-20T12:03:18-04:00
tag:www.scmagazine.com:post,707883
Attempted hack of Pokemon accounts prompt password resets
2024-03-20T07:15:17-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Only 0.1% of targeted Pokemon accounts have been breached, according to Pokemon Company.</p>
2024-03-20T07:15:11-04:00
tag:www.scmagazine.com:post,707885
Document publishing sites leveraged in phishing attacks
2024-03-20T07:10:56-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Digital document publishing sites have been exploited by threat actors to facilitate new phishing attacks that better bypass email security controls.</p>
2024-03-20T07:10:51-04:00
tag:www.scmagazine.com:post,707706
Google Firebase may have exposed 125M records from misconfigurations
2024-03-19T14:41:02-04:00
Steve Zurier
https://www.scmagazine.com/contributor/steve-zurier
<p>Researchers say they reported their findings to Chattr.ai on Jan. 10, then followed up with a full scan of the internet.</p>
2024-03-19T14:39:22-04:00
Misconfigured Google Firebase websites could have leaked nearly 125 million user records. (Adobe Stock)