Computer Security Blog

This week I read that the FBI has issued a warning that the hacking group known as Scattered Spider is now actively targeting the airline industry. This group is already known for attacking major companies in other sectors like insurance and retail and they use tricks like pretending to be employees or contractors to trick IT help desks. Once they convince support staff to reset passwords or add new multi-factor authentication (MFA) devices they gain full access to accounts without setting off any alarms. Airlines are especially vulnerable because they rely on a lot of third-party vendors and support teams which can create security gaps. These attackers are skilled at using urgency and pressure to get past human defenses making even well-trained staff fall for their tactics. The FBI and cybersecurity experts are advising companies to review and tighten their security protocols especially around identity verification and help desk procedures. They recommend stronger MFA tools that are h...

 The  New York Post  published an article titled “US Businesses Warned to Brace for Iranian Cyberattacks Amid War with Israel,” which talks about the growing risk of cyberattacks on U.S. businesses due to the ongoing conflict between Iran and Israel. U.S. cybersecurity agencies have issued a warning urging companies to be careful as Iranian affiliated cybercriminals are likely to target critical infrastructure and private companies which could potentially lead to data breaches, ransomware, and service disruptions. What stood out to me is how global conflicts can directly impact cybersecurity even for businesses not directly involved in the conflict. It shows that cybersecurity isn't just about internal protections but understanding external threats that may arise from events going on around the world. This situation reminds businesses to stay proactive by always assessing their systems and monitoring for potential threats while people should remain cautious, use strong se...

Reuters published an article titled “US DOJ opens investigation into Coinbase’s recent cyberattack.” This article talks about a recent breach where a third party vendor working with Coinbase was hacked which exposed customer names, emails, and addresses. While no passwords or financial details were stolen experts warn that this kind of personal info can still lead to phishing scams and fraud. The Department of Justice is now investigating the incident due to the large amount of data exposed. What stood out to me is how a company like Coinbase which is known for security can still be vulnerable through its partners. It also shows that even if your login details aren't leaked your personal information can still be used in dangerous ways. This reminds us that cybersecurity isn't just about protecting passwords but it’s about protecting all personal data. It’s a reminder that companies must carefully choose who they work with and that us as users should stay alert. Using two factor...

The New York Post  published an article titled  “Major data breach exposes 86M AT&T customer records, including social security numbers.”  This article talks about a huge leak where over 86 million AT&T customer records were exposed which included names, addresses, phone numbers, emails, and even Social Security numbers. What makes it worse is that some of this data was updated recently even though it was linked to a past breach from 2024. The leak could lead to identity theft, scams, and more problems for millions of people. Cybersecurity experts warn that this kind of exposed data can stay on the dark web for years and continue to harm people long after the breach. It shows how important it is for companies to not only protect data but also notify people quickly when something goes wrong. I found this interesting because it shows how even the biggest companies can still struggle to protect sensitive data. It also reminded me how important it is to use identity m...

The Times of India titled  “Urgent cyber warning for Americans: 184 million passwords leaked; are you at risk.”  This article talks about a massive data breach where over 184 million usernames, emails, and passwords were found exposed online in plain text. What’s scary is that anyone could access this information without needing to hack or decode it. Cybersecurity researcher Jeremiah Fowler found the database and it included accounts tied to major companies like Apple, Google, Facebook, and Microsoft, and also banks and government services. I found this interesting because it shows how even basic information like your email and password can put you at risk if it's not protected. It also shows how everyone should care about cybersecurity and not just tech companies. It reminded me how important it is to use strong and unique passwords and to take advantage of the 2 factor authentication. article:  https://timesofindia.indiatimes.com/technology/tech-news/urgent-cyber-w...