In last week’s security breach against Uber, the attackers downloaded internal messages from Slack as well as information from a tool used to manage invoices.

Half of the top 20 most valuable public U.S. companies had at least one single sign-on credential up for sale on the Dark Web in 2022, says BitSight.

Sephora will have to pay $1.2 million in penalties, inform California customers it sells their personal data and offer them ways to opt out.

Mitiga says that MFA, even if improperly configured, is no panacea for preventing attackers from abusing compromised credentials.

In a scam analyzed by Avanan, the victim received an email claiming to be from the CFO directing them to make a payment to their insurance company.

Analyzing over 100 prominent ransomware incidents, Barracuda found the top targeted sectors to be education, municipalities, healthcare, infrastructure and financial.

RaaS kits are easy to find on the Dark Web, lowering the barrier of entry so that virtually any cybercriminal can launch successful ransomware attacks, says Microsoft.

The new updates patch security flaws in iOS/iPadOS, macOS and Safari that could be exploited by hackers to gain remote control of an affected device.

By using a legitimate service like AWS to create phishing pages, attackers can bypass traditional security scanners, says Avanan.

USB-borne malware can infect your industrial equipment unless you take the proper precautions, says Honeywell.