Abusing Default Credentials
Attackers can exploit default credentials to escalate privileges within systems, endangering sensitive assets.
Internal Network Penetration Testing is typically done by organizations for compliance reasons, either for HIPAA or for PCI DSS Compliance. But regardless of why most companies invest in it, it’s an essential part of ensuring that your security controls are being managed effectively, and (more…)
Eat, Drink, & Be Wary
This Holiday Season ….
It is a time of joy, generosity, and, for many, a whirlwind of gatherings, traveling, and shopping. Unfortunately, it’s also prime time for cybercriminals. With all the season preparations and events, people often get too busy and distracted. Critical security protocols can sometimes be rushed or forgotten, making everyone even more (more…)
Not a Success Story
This Holiday Season ….
Cyber threats are more real than ever. From phishing scams to card skimming to spoofing, your online shopping and travel bookings are at increased risk. Stay vigilant when purchasing through an app or securing travel plans, as your sensitive data and access to work networks could be compromised—causing more lasting damage than an (more…)
Dental Center Agrees to Settlement of $2.7 Million for Data Breach
Description
Great Expressions Dental Centers, a Michigan-based dental service organization with nearly 300 affiliated practices across the United States, experienced a significant data breach in February 2023. The incident affected approximately 1.9 million patients and employees. Over a six-day period, an unauthorized party potentially accessed personal information of both employees and patients. For employees, the compromised data included names, Social Security numbers (SSNs), driver’s license (more…)
Weaponizing Legacy Software
Legacy software that uses web traffic can be used to blend in with other incoming and outgoing traffic.
There are a variety of ways to gain the access needed to remotely execute commands on a compromised machine. One way that HALOCK Security Team has been able to gain access during an Assumed Breach Penetration Test is by utilizing (more…)
Multi-Vendor Vulnerability Results in Data Breach at Rackspace
Description
Rackspace is a managed cloud computing provider based in San Antonio, Texas, that offers cloud hosting, dedicated servers, and multi-cloud solutions. The company servers than 300,000 customers across the world, including two-thirds of the world’s largest public traded companies. On the morning of September 24, 2024, Rackspace fell victim to a cyberattack that exploited a zero-day vulnerability in a monitoring application provided by ScienceLogic. (more…)
Data Breach Victims Eligible for Compensation in $3.25M Settlement
Description
See Tickets, a global ticketing services company, detected suspicious activity on several of its e-commerce platforms in May of 2023. A subsequent investigation revealed that cybercriminals had injected malicious code into the company’s checkout pages. This unauthorized code enabled the attackers to capture customer information transactions processed between February 28, 2023, and July 2, 2023. The compromised data included names, addresses, zip codes, payment card (more…)
$200,000 Fraudulent Scheme Forces Finance Director to Step Down
Description
The mayor of Plymouth, Connecticut reported on the mayor’s office Facebook page that the town had fallen victim to a sophisticated social engineering scam. Cybercriminals had compromised the accounts of one of the town’s vendors a month earlier, gaining access to information about an ongoing project for the town. Using this knowledge, the scammers sent fraudulent invoices to the town’s financial department. While the (more…)
Misconfigured Settings Exposes Social Security Numbers of Aviation Industry Users
Description
FlightAware, based in Houston, Texas, is renowned for delivering real-time, historical, and predictive flight insights to various segments of the aviation industry, including airlines, airports, and air traffic control. On July 25, the company identified a configuration error in its backend systems that had exposed personal user information for over three years, allowing unauthorized access. In response, the company’s President issued a letter to (more…)
Cybercriminals Skim Credit Card Numbers from the Oregon Zoo website
Description
On August 16, the Oregon Zoo reported on August 16 that the credit card information of more than 117,000 people who had visited the year was stolen. This discovery resulted from a 6 week long investigation into a payment skimming malware attack on the zoo’s payment platform, managed by a contracted vendor. The investigation began after suspicious activity was detected in June 2024 and (more…)
