FBI criticized for delaying breach notifications, including insufficient details

The Federal Bureau of Investigations does a poor job at notifying victims of a cyber-attack, a US government report released earlier this week concluded. FBI notifications arrive either too late or contain insufficient information for victims to take action, a report from Read More …

OceanLotus adopts public exploit code to abuse Microsoft Office software

The OceanLotus hacking group is back with a new campaign in 2019 complete with new exploits, decoys, and self-extracting malicious archives. Also known as APT32, SeaLotus, APT-C-00, and Cobalt Kitty, OceanLotus is a hacking group which operates across Asia and Read More …

Email verification service takes itself offline after 800 million records get publicly exposed

An online email verification service has taken itself offline after approximately 809 million of its customers’ emails were exposed through an unprotected server. Researchers discovered a non-password protected MongoDB instance amounting to 150GB of data split across four separate collections Read More …