First American Financial takes systems offline after cyber incident
First American Financial said it is working diligently to recover from an unauthorized cyber incident that led it to isolate its systems from the internet, according to a filing Friday with the Securities and Exchange Commission. The firm, the nation's second-largest title insurance provider, has taken steps to restore normal operations, but can't estimate the time or extent of the disruption at this time, according to the filing. READ MORE...
Celebrities Found in Unprotected Real Estate Database Exposing 1.5 Billion Records
An unprotected database belonging to Real Estate Wealth Network was left accessible from the internet for an unknown period, vpnMentor reports. Founded in 1993 and based in New York, Real Estate Wealth Network is an online real estate education platform that provides subscribers with access to courses, training materials, and a community. Discovered by cybersecurity researcher Jeremiah Fowler, the unprotected database was 1.16 terabytes in size, containing more than 1.5 billion records. READ MORE...
Mint Mobile discloses new data breach exposing customer data
Mint Mobile has disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks. Mint is a mobile virtual network operator (MVNO) offering budget, pre-paid mobile plans. T-Mobile has proposed paying $1.3 billion to purchase the company. The company began notifying customers on December 22nd via emails titled "Important information regarding your account," stating that they suffered a security incident. READ MORE...
UK Teen Gets Indefinite Hospital Order For 'Grand Theft Auto' Hack
A British teenage hacker has been sentenced to an indefinite hospital stay to be treated for his inability to control himself online. Arion Kurtaj, 18, was found responsible by a British court in August of carrying out one of the biggest breaches in the history of the video game industry between August 2020 and September 2022 when he went on an unprecedented hacking spree that targeted the makers of "Grand Theft Auto", among others. READ MORE...
Iranian cyberspies target US defense orgs with a brand new backdoor
Iranian cyberspies are targeting defense industrial base organizations with a new backdoor called FalseFont, according to Microsoft. In a series of Xeets posted Thursday, Redmond's threat intel team said it spotted a nation-state backed gang it calls Peach Sandstrom attempting to deliver the (presumably Windows) malware to defense-sector employees. Mandiant, which tracks the Iran-backed crew as APT33, says it targets organizations in the US, Saudi Arabia and South Korea for "strategic cyberespionage." READ MORE...
How to recognize AI-generated phishing mails
Phishing is the art of sending an email with the aim of getting users to open a malicious file or click on a link to then steal credentials. But most phishers aren't very good, and the success rate is relatively low: In 2021, the average click rate for a phishing campaign was 17.8%. However, now cybercriminals have AI to write their emails, which might well improve their phishing success rates. Here's why. READ MORE...
3 main tactics attackers use to bypass MFA
Notable security breaches have bypassed MFA to compromise taxi broker Uber, games company EA, and authentication business Okta, according to SE Labs. SE Labs advised CISOs to step-up their efforts against attacks on systems protected by MFA in response to increased attacker activity to exploit failure points. As is often the case when compromising systems, attackers have not reinvented the wheel to circumvent MFA, or 2FA (two-factor authentication), as it is also known. READ MORE...
'Wall of Flippers' detects Flipper Zero Bluetooth spam attacks
A new Python project called 'Wall of Flippers' detects Bluetooth spam attacks launched by Flipper Zero and Android devices. By detecting the attacks and identifying their origin, users can take targeted protection measures, and culprits can potentially be held accountable for their actions. The ability to launch Bluetooth LE (BLE) spam attacks using the Flipper Zero portable wireless pen-testing and hacking tool was first demonstrated in September 2023 by security researcher 'Techryptic.' READ MORE...
- ...in 1776, Gen. George Washington leads the Continental Army to a pivotal victory against Hessians garrisoned in Trenton, making it the turning point of the Revolutionary War.
- ...in 1933, puppeteer Caroll Spinney, the performer behind Sesame Street's Big Bird and Oscar the Grouch, is born in Waltham, MA.
- ...in 1944, Patton's Third Army relieves Bastogne. A member of the force that marched 100 miles overnight was Sgt. Marvin Snider.
- ...in 1946, mobster Benjamin "Bugsy" Siegel opens the Flamingo Hotel, the first luxury resort hotel in Las Vegas.
