Newsroom (Archive)

A hand-picked curation of industry news and information, to keep you well informed on all things cybersecurity

An international law enforcement operation has taken down Genesis Market, a notorious illegal online marketplace that traded in stolen credentials such as email, bank account, and social media platform information.   The operation, codenamed Operation Cookie Monster, involved 17 countries and resulted in 119 arrests and 208 property searches across 13 nations. Since its inception in March 2018, Genesis Market has become a major hub for criminal...

Read More

Service NSW Apologizes for Brief Software Bug that Exposed Users' Information.   Service NSW has issued an apology after a software bug briefly allowed users to view other users' information on the "My services" dashboard. A spokesperson for Service NSW has confirmed that the issue was present on Monday, March 20, between 1:20 pm and 3:00 pm. The problem was limited to the landing dashboard when customers...

Read More

Microsoft Unveils 'Security Copilot' Tool to Boost Cybersecurity Efforts.   Microsoft has launched a new tool designed to help cyber security professionals detect and identify breaches and threat signals more efficiently. Called 'Security Copilot', the tool is powered by OpenAI's latest GPT-4 generative artificial intelligence model. Its primary function is to aid security analysts in tasks such as summarising incidents, analysing vulnerabilities, and sharing information with colleagues...

Read More

Single sign-on (SSO) is a widely-used authentication method that allows users to access multiple applications using just one set of credentials. It is considered the gold standard for security as it eliminates the need for users to remember multiple passwords and can be further secured with multi-factor authentication (MFA).   In fact, an estimated 61% of attacks stem from stolen credentials, and SSO reduces the attack surface...

Read More

Conor Brian Fitzpatrick, a 20-year-old man and founder of the now-defunct BreachForums, has been charged with conspiracy to commit access device fraud in the United States. Fitzpatrick, who went by the online name "pompompurin," may face up to five years in prison if found guilty.   He was arrested on March 15, 2023. The charges come after an investigation by the Department of Justice (DoJ) led to...

Read More

Popular e-commerce plug-in, WooCommerce, used for WordPress-based online stores, has been found to contain a critical vulnerability that could allow attackers to take over websites.   While technical details about the vulnerability have not been published, the WooCommerce team has released updates, and attackers could reverse-engineer the patch. The vulnerability allows for unauthenticated administrative takeover of websites. Website administrators using this plugin are advised to issue the...

Read More