Zacks Investment Data Breach Exposes 12 Million Users
A significant data breach at Zacks Investment Research has compromised personal information of around 12 million users. Hackers accessed usernames, email addresses, physical addresses, phone numbers, and passwords stored as unsalted SHA-256 hashes. The threat actor claimed to have administrative access to Zacks’ active directory, leaking source code from Zacks.com and other sites. The leaked data is available on hacker forums and has raised concerns about identity theft. Read more
LockBit Sanctioned as US, UK, and Australia Join Hands Against the Russian Cybercrime Network
The US, UK, and Australia have sanctioned Zservers, a Russian service provider supporting the LockBit ransomware group. Zservers provided specialized servers, enabling LockBit to evade detection. Key administrators Alexander Mishin and Aleksandr Bolshakov face sanctions for their roles. This coordinated action aims to disrupt the infrastructure that facilitates Russian cybercrime. The sanctions follow previous actions against the Evil Corp ransomware group, highlighting ongoing international efforts against ransomware operations. Read more
Sophisticated Gmail Attacks Target Email Security, FBI Issues “Do Not Click” Alert
The FBI warns of sophisticated AI-driven phishing attacks targeting Gmail users, emphasizing the need for caution against clicking suspicious links. These attacks exploit weak passwords and use advanced social engineering tactics. A recent report indicated a 49% increase in phishing attacks capable of bypassing filters. Despite advancements, malicious links remain central to most email fraud attempts, necessitating heightened vigilance among users of the popular email platform. Read more
OmniGPT Breach Exposes Data of 30,000 Users
The OmniGPT platform experienced a significant data breach, exposing sensitive information from over 30,000 users, including emails and API keys. A hacker claimed to have accessed all messages exchanged between users and the AI, alongside links to uploaded files. The breach raises concerns about identity theft and potential account takeovers. The data is reportedly being sold on dark web forums for cryptocurrency, highlighting the risks of using interconnected AI services. Read more
Cyber Attack Targets 2.8 Million IPs on VPN Devices
A massive cyber attack involving 2.8 million IPs is targeting VPN devices and other network appliances through brute-force tactics. The attack primarily affects devices from brands like Palo Alto Networks and SonicWall. Attackers are systematically attempting to guess passwords, exploiting weak security configurations. A majority of the impacted IPs are located in Brazil, with significant numbers in Turkey and Russia. The use of compromised routers in a botnet amplifies the attack’s scale and effectiveness. Read more
Top Cyber Threats Facing Enterprise Businesses in 2025: A Comprehensive Guide
This blog explores the escalating cyber threats targeting enterprises in 2025, including ransomware and data breaches. Key sectors at risk include healthcare and finance, with attackers employing sophisticated methods to exploit vulnerabilities. The article emphasizes the necessity of robust cybersecurity measures, such as zero-trust architecture and regular employee training. Understanding these threats is crucial for businesses to safeguard sensitive information. Stay proactive in your cybersecurity efforts. Read more
