23andMe is a personal genomics and biotechnology company based in Sunnyvale, California, and is known for its direct-to-consumer genetic testing kits. According to a blog post posted on its website on October 6, 2023, the company acknowledged falling victim to a credential-stuffing attack on its website. This cyberattack involved using stolen login credentials to enable…

Picture this: A person arrives at the office Monday morning, and panic sets in when he logs onto the company network. His screen displays an ominous message explaining the company’s files have been stolen and encrypted, and the company has 48 hours to make contact and pay a ransom or lose access forever. The man…

Remember when hacktivism felt like a rebellious punk rock anthem raging against the affluent corporate machine? Hacktivists flitted through cyberspace as digital Robin Hoods fueled by righteous indignation or online warriors with a penchant for mischief. Those days are about as ancient as dial-up internet. Today, the cybercrime scene is a cutthroat business. A new…

Extortion is about leverage. The greater the leverage, the greater the propensity of the victim to open their coffers and pay the ransom. Initially, ransomware attacks focused on blocking access to an organization’s critical data by encrypting it. This simple yet effective model had a key weakness: a robust backup system could restore the encrypted…

The retail industry has experienced a seismic shift in recent years, instigated by the COVID-19 pandemic and fueled by other industries rapidly digitizing their organizations. Adapting their businesses to e-commerce models was a lifeline for many retailers, but it also came at a cost: the broader the attack surface, the greater the vulnerability. Retail is…

Have you ever received a package that appeared to have been opened before it reached you, and upon opening it, found that some items were missing? Have you used your credit card for a purchase, only to discover a week later that your statement showed several unauthorized charges? These scenarios are classic examples of unauthorized…