The breach exposed reams of sensitive personal data for more than 550,000 users, including customers’ full names, home addresses, email addresses, plaintext passwords, and telephone numbers.
Individuals confirmed to be impacted by the incident will be notified directly. WH Smith says that special measures to support them will be put in place. This presumably will include identity protection services.
The new strategy has five pillars: Defend critical infrastructure; Target and disrupt threat actors; Use market forces to improve security and resilience; Invest in resilience; and Enhance international partnerships.
Vulnerabilities associated with Microsoft Exchange Server and some virtual private networks, many of which were first disclosed in 2017, continue to be a popular route for hackers to exploit, a report from exposure management company Tenable found.
American fast food chain Chick-fil-A has confirmed that customers’ accounts were breached in a months-long credential stuffing attack, allowing threat actors to use stored rewards balances and access personal information.
A new report by Kaspersky states that almost 200,000 new mobile banking trojans surfaced in 2022, marking a 100% increase from 2021, with China being the most affected, followed by Syria and Iran. RiskTool-type potentially unwanted software accounted for the most distributions at 27.39%, followed by adware at 24.05% and trojan-type malware at 15.56%.
In the event of a website being hacked, attackers may implant an encoded malicious script into the web server, designed to activate when a target user accesses the corrupted web page.
Cisco is dipping into the acquisition pool to beef up its cybersecurity portfolio with plans to acquire Valtix, an early-stage Silicon Valley startup in the cloud network security business.
GootLoader, active since late 2020, is a first-stage downloader that’s capable of delivering a wide range of secondary payloads such as Cobalt Strike and various ransomware.
While phishing, business email compromise (BEC), and ransomware still rank among the most popular cyberattack techniques, a mix of new-breed attacks is gaining steam, according to a new report from cybersecurity and compliance company Proofpoint.