‘Among Us’ Mobile Game Under Siege by Attackers

Ongoing attacks on the wildly popular game Among Us are testing developers' ability to keep up. The meteoric rise of the game Among Us appears to be outpacing its developer's ability to keep up with malicious actors.

Nando’s Hackers Feast on Customer Accounts

Multiple chicken diners said their usernames and passwords were stolen and the accounts used to place high-volume orders. Diners at a popular chicken-dinner chain have seen hundreds of dollars siphoned out of their bank accounts, after cybercriminals were able to access their restaurant ordering credentials.

Experts Weigh in on E-Commerce Security Amid Snowballing Threats

Experts Weigh in on E-Commerce Security Amid Snowballing Threats. How a retail sector reeling from COVID-19 can lock down their online systems to prevent fraud during the upcoming holiday shopping spike. ... But experts are warning retailers not to focus only on one threat or on protecting one particular system.

Researcher: I Hacked Trump’s Twitter by Guessing Password

Trump’s weak Twitter password and lack of basic two-factor authentication protections made it shockingly simple to hack his account, Dutch security researcher Victor Gevers reported.

Silent Librarian Goes Back to School with Global Research-Stealing Effort

The Iranian hacker group is targeting universities in 12 countries. The Iranian hacker group is targeting universities in 12 countries. The Silent Librarian campaign has re-emerged for the fall school session, ...

Barnes & Noble Hack: A Reading List for Phishers and Crooks

Customers' lists of book purchases along with email addresses and more could have been exposed during a (ransomware?) attack — and that's a problem. Barnes & Noble is warning that it has been hacked, potentially exposing personal data for shoppers – and offering phishers an early holiday gift.

Dickey's BBQ Breach: Meaty 3M Payment Card Upload Drops on Joker's Stash

After cybercriminals smoked out 3 million compromised payment cards on the Joker’s Stash marketplace, researchers linked the data to a breach at the popular barbecue franchise.

OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks

Attackers gain read-only permissions to snoop around Office 365 accounts, including emails, contacts and more. An APT known as TA2552 has been spotted using OAuth2 or other token-based authorization methods to access Office 365 accounts, in order to steal users' contacts and mail.

Boom! Mobile Customer Data Lost to Fullz House/Magecart Attack

Boom! Mobile Customer Data Lost to Fullz House/Magecart Attack. The Magecart spinoff group targeted the wireless service provider in an odd choice of victim. Boom! Mobile's U.S. website recently fell victim to an e-commerce attack, putting online shoppers in danger of payment-card theft, researchers said.

Why Companies Need To Pay Attention To Software Supply Chain Security

A software supply chain attack happens when an attacker enters and modifies software in the complicated software development supply chain to imperil a target farther down on the chain by injecting their malicious code. These inserts can be employed to further modify code by getting system permissions or to directly deliver a malicious payload or…

Activision Refutes Claims of 500K-Account Hack

The Call of Duty behemoth said that the reports of widespread hacks are false. After reports surfaced that 500,000 Activision accounts may have been hacked, impacting online Call of Duty (CoD) players, the gaming giant is disputing the claim.

Google Cloud Buckets Exposed in Rampant Misconfiguration

A too-large percentage of cloud databases containing highly sensitive information are publicly available, an analysis shows.

Cloud Leak Exposes 320M Dating Site Records

A misconfigured, Mailfire-owned Elasticsearch server impacted 70 dating and e-commerce sites, exposing PII and details such as romantic preferences.

Razer Gaming Fans Caught Up in Data Leak

A cloud misconfiguration at the gaming-gear merchant potentially exposed 100,000 customers to phishing and fraud.

U.S. Voter Databases Offered for Free on Dark Web, Report

Some underground forum users said they’re monetizing the information through the State Department’s anti-influence-campaign effort.

Stolen Fortnite Accounts Earn Hackers Millions Per Year

More than 2 billion breached Fortnite accounts have gone up for sale in underground forums so far in 2020 alone.

Alleged Hacker Behind Massive ‘Collection 1’ Data Dump Arrested

The threat actor known as ‘Sanix’ had terabytes of stolen credentials at his residence, authorities said. A hacker accused of selling hundreds of millions of stolen credentials from last year’s “Collection 1” data dump on the dark web has been arrested in the Ukraine.

Hackers Compromise Cisco Servers Via SaltStack Flaws

Hackers Compromise Cisco Servers Via SaltStack Flaws: Attackers compromised six Cisco VIRL-PE servers that are affected by critical SaltStack vulnerabilities.

Former Uber CSO Charged With Paying ‘Hush Money’ in 2016 Breach Cover-Up

Joseph Sullivan allegedly paid off $100K to the hackers responsible for a 2016 data breach, which exposed PII of 57 million passengers and drivers.

Jack Daniels, Ritz London Face Cyberattacks

The REvil ransomware and savvy phone scammers have exposed sensitive information.A pair of cyberattacks on high-profile targets – the owner of the Jack Daniels distillery.