-
![]()
Novel Phishing Technique Utilizes Browser File Archiver Simulation on New .zip Domain
In light of Google’s recent release of new top-level domains (TLDs) like .dad, .phd, .mov and .zip, there have been rising concerns within the security community over TLDs that can easily be mistaken for file extensions. This report explores a phishing technique that utilizes these concerns, specifically exploiting the .zip TLD to simulate a file…
-
![]()
UK Government Grapples with How to Regulate AI
The landscape of artificial intelligence (AI) in the UK is teetering on the precipice of transformation. As the profound potential and worrying risks of AI increasingly permeate public consciousness, it’s becoming clear that the way we handle AI now will significantly shape our future. In the words of UK Prime Minister Rishi Sunak, “The starting…
-
![]()
The Introduction of ZIP Domains Raises Cybersecurity Concerns
Cybersecurity researchers and IT administrators have voiced concerns over Google’s newly introduced ZIP and MOV Internet domains. These domains, they caution, could potentially be exploited by cybercriminals for phishing attacks and malware delivery. The issue lies in the fact that these domains are also extensions of files commonly shared in online discussions, messages, and forum…
-
![]()
Fortune 1000 Identity Exposure Report Highlights the Need for Strong Security Measures
A recent report by cybersecurity firm SpyCloud has found that password reuse and malware infections are putting Fortune 1000 companies at risk of identity exposure. The report analyzed over 2.27 billion breach and malware-exfiltrated assets in the company’s database that are directly linked to Fortune 1000 employee accounts. In a staggering revelation, a total of…
-
![]()
How Shift Left Security Can Improve Your Software Development and Security Posture Part 1 of 3
Cybersecurity is a vital aspect of software development, especially in the cloud era where applications are exposed to various threats and vulnerabilities. However, traditional approaches to cybersecurity often involve testing and securing the code at the end of the development cycle, which can result in delays, costs, and risks. To address these challenges, a new…
-
![]()
Baldor Specialty Foods Faces Class Action Lawsuit Over Data Breach Impacting Over 13,000 Customers
Baldor Specialty Foods, a prominent food service company, is facing a class-action lawsuit following a significant data breach that compromised the personal identifiable information (PII) of over 13,800 individuals. The lawsuit, filed by Milberg Coleman Bryson Phillips Grossman in the U.S. District Court for the Southern District of New York, accuses the company of failing…
-
![]()
Medical Review Institute of America Reaches Proposed Settlement in Data Breach Class Action Lawsuit
Salt Lake City, UT – Medical Review Institute of America, LLC (MRIA) has announced that a proposed settlement has been reached in a class action lawsuit arising from a data security incident that occurred on or about November 9, 2021. The lawsuit asserted claims against MRIA related to the data breach and its impact on…
-
![]()
Utah Legislature Passes Comprehensive Cybersecurity Bill to Strengthen Statewide Security
The Utah Legislature has passed a comprehensive bill aimed at bolstering cybersecurity measures across the state. The bill amends the disclosure requirement for system security breaches, requires the Division of Technology Services to report on the consolidation of networks used by governmental entities, and creates the Utah Cyber Center with specific duties. Furthermore, the bill…
-
![]()
Parker Hannifin Settles Data Breach Class Action for $1.75 Million
Parker Hannifin, a major manufacturing company, has agreed to a $1.75 million class action settlement to resolve allegations stemming from a March 2022 data breach that compromised employee information. The settlement benefits current and former Parker Hannifin employees who received notification letters regarding the breach. The class action lawsuit accused Parker Hannifin of negligently failing…
-
![]()
Fortra, GoAnywhere MFT, Provides Update on Security Incident Involving CVE-2023-0669
Fortra, a leading provider of managed file transfer (MFT) solutions, has released an update on the investigation into suspicious activity detected in its GoAnywhere MFT solution. The company has been working with cybersecurity firm Unit 42 to investigate the incident and has now provided a factual summary of the investigation, along with continuous improvement actions…
