
IT Security Newsletter - 1/10/2025

Breaches

Massive breach at location data seller: "Millions" of users affected

Like many other data brokers, Gravy is a company you may never have heard of, but it almost certainly knows a lot about you if you're a US citizen. Data brokers come in different shapes and sizes. What they have in common is that they gather personally identifiable data from various sources - from publicly available data to stolen datasets - and then sell the gathered data on. Gravy Analytics specializes in location intelligence, meaning it collects sensitive phone location and behavior data. READ MORE...


Major Addiction Treatment Firm BayMark Confirms Ransomware Attack Caused Data Breach

Healthcare and substance abuse treatment provider BayMark Health Services has started notifying patients that their personal information was stolen in a data breach resulting from a ransomware attack. The Texas-based company runs one of the largest addiction treatment services in the US, operating roughly 200 facilities and over 380 programs in 35 states, and treating more than 70,000 patients every day. READ MORE...

Hacking

Chinese APT Group Is Ransacking Japan's Secrets

The National Police Agency and the National Center of Incident Readiness and Strategy for Cybersecurity warned Japanese organizations of a sophisticated Chinese state-backed cyber-espionage effort called "MirrorFace" to steal technology and national security secrets. Japanese authorities said the advanced persistent threat group (APT) MirrorFace has been operating since 2019. READ MORE...


Canadian man loses a cryptocurrency fortune to scammers - here's how you can stop it happening to you

A man from Toronto has described to the media how he lost $100,000 worth of cryptocurrency investment after making an elementary blunder. Art, who didn't share his surname, told CTV that back in 2021 he decided to invest a family inheritance in cryptocurrency. He chose to use Kraken, a well-known US-based cryptocurrency exchange, and having made the investment left it alone for two years. In 2023, however, he felt it was time to see how his investment was doing. READ MORE...

Trends

What is 'security theater' and how can we move beyond it?

Conventional wisdom assumes that the more vulnerabilities a security tool flags, the easier it will be for a company to secure its infrastructure. In theory, layering more tools into a tech stack should equal more effective attack surface monitoring, right? Well, reality isn't quite panning out like that. If anything, tool sprawl has created an illusion of security, drowning security teams in the performative theatrics of squashing countless alerts - most of them false positives. READ MORE...

Malware

Banshee 2.0 Malware Steals Apple's Encryption to Hide on Macs

The macOS infostealer "Banshee" has been spotted skating by antivirus programs using a string encryption algorithm it stole from Apple. Banshee has been spreading since July, primarily via Russian cybercrime marketplaces, where it was sold as a $1,500 "stealer-as-a-service" for Macs. It's designed to steal credentials from browsers and browser extensions associated with cryptocurrency wallets. READ MORE...

Exploits/Vulnerabilities

Ivanti customers confront new zero-day with suspected nation-state nexus

Federal cyber authorities and researchers warn that attackers are exploiting a zero-day vulnerability in multiple Ivanti products, including Ivanti Connect Secure. Ivanti acknowledged CVE-2025-0282 was already exploited at the time of disclosure on Wednesday when it issued an advisory and released a patch for the critical unauthenticated stack-based buffer overflow vulnerability. READ MORE...


The SBI fake banking app shows that SMS authentication has had its day

As a company fortunate enough to have and maintain our own pentesting team, we often do outreach with other organizations to assist with or provide our expertise in offensive security. In collaboration with the Kerala Police Cyber unit, we were able to assist with investigating a prolific scam targeting the State Bank of India (SBI). SBI is the largest bank in India and one of the top 50 largest banks in the world with over half a billion customers and account holders. READ MORE...

On This Date

  • ...in 1776, writer Thomas Paine publishes his pamphlet "Common Sense," setting forth his arguments in favor of American independence.
  • ...in 1927, director Fritz Lang's classic science fiction film "Metropolis" is released in Germany.
  • ...in 1943, folk singer Jim Croce ("Bad, Bad Leroy Brown", "Time in a Bottle") is born in South Philadelphia, PA.
  • ...in 1946, the US Army Signal Corps successfully conducts Project Diana, bouncing radio waves off of the Moon and receiving the reflected signals.
  • ...in 1949, professional boxer, two-time heavyweight champion, and electric grill spokesman George Foreman is born in Marshall, TX.