More than 3 years ago now, Scott Helme and I launched a little project called Why No HTTPS? It listed the world’s largest websites that didn’t properly redirect insecure requests to secure ones. We updated it December before last and pleasingly, noted that more websites than ever were doing the right thing and forcing browsers…

Researchers have discovered a new attack named SysBumps, which targets macOS systems running on Apple Silicon processors. This attack leverages speculative execution vulnerabilities in system calls to bypass critical security measures such as Kernel Address Space Layout Randomization (KASLR) and kernel isolation. KASLR, a crucial defense mechanism, randomizes the memory layout of the kernel, making…

In a concerning development within cybersecurity, attackers have been leveraging DocuSign’s API capabilities to send out fraudulent invoices that closely mimic genuine documents. These campaigns have been rising in frequency, with reports over the past five months highlighting a significant uptick in incidents. In the context of cybersecurity, the abuse of DocuSign’s API represents a…

Introduction: The smooth functioning of Microsoft Outlook depends on the health of its data file formats—OST and PST. Both the files store the mailbox data like email messages, contacts, calendars, etc. locally on the system. OST, or offline storage table files, are encrypted with a MAPIEntryID GUID key and are linked with a particular profile.…

The music streaming industry is one of the largest revenue-generating platforms for artists and labels. Streaming services such as Spotify, Apple Music, and others pay royalties to artists based on the number of times their songs are played. However, what if these streaming numbers are not genuine? Between 2018 and 2023, Michael Smith masterminded an…

Microsoft experienced a significant disruption across several Azure cloud services on July 30, 2024, due to a distributed denial-of-service (DDoS) attack. The attack, which targeted Azure and Microsoft 365 services, was exacerbated by an error in Microsoft’s DDoS defense mechanisms, resulting in an outage lasting nearly eight hours. Microsoft experienced a significant disruption across several…

AT&T recently faced a significant cybersecurity breach involving its Snowflake account, leading to the company allegedly paying a ransom to prevent further data leakage. According to various reports, the telecommunications giant paid approximately $370,000 to the hacking group ShinyHunters to delete the stolen data. This incident highlights the ongoing challenges and risks large corporations face…

In a series of unsettling developments, Ticketmaster, the global ticket sales and distribution company, has once again fallen victim to a major cybersecurity breach. This time, hackers claim to have obtained barcode data for hundreds of thousands of tickets to Taylor Swift’s Eras Tour and are demanding millions of dollars in ransom. This latest attack…

Advanced Micro Devices (AMD), a leading semiconductor company, is investigating a potential cybersecurity breach after a threat actor, known by the pseudonym IntelBroker, listed allegedly stolen data for sale on a notorious hacking forum. The hacker’s post on the forum claims to have sensitive data from AMD’s internal systems, including employee and customer information, as…

In a significant cybersecurity incident, the threat actor group known as ShinyHunters has claimed responsibility for a data breach involving Santander Bank, allegedly selling data for 30 million customers. This breach, disclosed two weeks after unauthorized access was detected, has been linked to recent hacks of Snowflake accounts, which also implicated Ticketmaster. ShinyHunters Claims Santander…