Tech Talk

In continuation of Microsoft’s series of data security incidents, employees accidentally exposed internal data to the public. The leak exposed an unprotected Azure storage server containing code, scripts, and configuration files. Microsoft has announced that it has fixed a security breach that exposed internal company credentials and files to the open internet. The breach was first discovered by security researchers from cybersecurity firm SOC Radar. According to their report, an internal error resulted in an Azure storage server without password protection being given public access. The exposed data was primarily related to Microsoft’s Bing search engine, including configuration files, code, and scripts that employees used to access a range of internal systems and databases. Consequently, bad actors could identify and access locations for Microsoft's internal data. So far, it has not been made clear how long the data has been exposed. Anuj Mudaliar Assistant Editor - Tech, SWZD opens a new window opens a new window Anuj Mudaliar is a content development professional with a keen interest in emerging technologies, particularly advances in AI. As a tech editor for Spiceworks, Anuj covers many topics, including cloud, cybersecurity, emerging tech innovation, AI, and hardware. When not at work, he spends his time outdoors - trekking, camping, and stargazing. He is also interested in cooking and experiencing cuisine from around the world.

AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained. These notifications are related to the recent leak of a massive amount of AT&T customer data on the Breach hacking forums that was offered for sale for $1 million in 2021. When threat actor ShinyHunters first listed the AT&T data for sale in 2021, the company told BleepingComputer that the collection did not belong to them and that their systems had not been breached. Last month, when another threat actor known as 'MajorNelson' leaked the entire dataset on the hacking forum, AT&T once again told BleepingComputer that the data did not originate from them and their systems were not breached. After BleepingComputer confirmed that the data belonged to AT&T and DirectTV accounts, and TechCrunch reported AT&T passcodes were in the data dump, AT&T finally confirmed that the data belonged to them. While the leak contained information for more than 70 million people, AT&T is now saying that it impacted a total of 51,226,382 customers. "The [exposed] information varied by individual and account, but may have included full name, email address, mailing address, phone number, social security number, date of birth, AT&T account number and AT&T passcode," reads the notification. "To the best of our knowledge, personal financial information and call history were not included. Based on our investigation to date, the data appears to be from June 2019 or earlier." BleepingComputer contacted AT&T as to why there is such a large difference in impacted customers and was told that some of the people had multiple accounts in the dataset. "We are sending a communication to each person whose sensitive personal information was included. Some people had more than one account in the dataset, and others did not have sensitive personal information," AT&T told BleepingComputer. The company has still not disclosed how the data was stolen and why it took them almost five years to confirm that it belonged to them and to alert customers. Furthermore, the company told the Maine Attorney General's Office that they first learned of the breach on March 26, 2024, yet BleepingComputer first contacted AT&T about it on March 17th and the information was for sale first in 2021. While it is likely too late, as the data has been privately circulating for years, AT&T is offering one year of identity theft protection and credit monitoring services through Experian, with instructions enclosed in the notices. The enrollment deadline was set to August 30, 2024, but exposed people should move much faster to protect themselves. Recipients are urged to stay vigilant, monitor their accounts and credit reports for suspicious activity, and treat unsolicited communications with elevated caution. For the admitted security lapse and the massive delay in verifying the data breach claims and informing affected customers accordingly, AT&T is facing multiple class-action lawsuits in the U.S. Considering that the data was stolen in 2021, cybercriminals have had ample opportunity to exploit the dataset and launch targeted attacks against exposed AT&T customers. However, the dataset has now been leaked to the broader cybercrime community, exponentially increasing the risk for former and current AT&T customers. Update 4/10/24: Added statement from AT&T about discrepancy in numbers. BILL TOULAS Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.

Home improvement retailer Home Depot confirmed with multiple publishers that it suffered a data break due to a third-party SaaS vendor inadvertently exposing a subset of employee data. IntelBroker, the threat actor behind the attack claims it has the information of 10,000 Home Depot employees. A Home Depot software vendor suffered a data breach leading to the compromise of an undisclosed number of employees. IntelBroker, the threat actor behind the attack claims it has the information of 10,000 Home Depot employees. Home improvement retailer Home Depot confirmed with multiple publishers that it suffered a data break due to a third-party software vendor inadvertently exposing a subset of employee data. Reportedly, the breach was caused by a misconfigured software-as-a-service (SaaS) application.

Explaining a SIEM in Simple Terms (Kind Of …) What Kind of Things Can a SIEM Do for Law Firms? What Are the Core Functions of a SIEM? What Are the Benefits of Using a SIEM for a Law Firm? How Does a Law Firm Implement a SIEM? How Much Will a SIEM Cost Your Small Law Firm? The Role a SIEM Will Play for Your Law Firm

Sometimes, you can’t even trust links with your own domain. As the Cybernews research team has discovered, some BMW subdomains were vulnerable to redirect vulnerability, enabling attackers to forge links… The post Don’t trust links with known domains: BMW affected by redirect vulnerability appeared first on .

Malicious actors have hacked two governmental servers running end-of-life software. The US cybersecurity agency CISA warns that cybercriminals are exploiting a vulnerability in discontinued Adobe ColdFusion versions and urges users… The post Hackers breach US Government agencies running end-of-life software appeared first on .

Microsoft has seized domains and social media accounts belonging to Storm-1152. a large cybercrime actor. The group used the infrastructure to create 750 million fraudulent Microsoft accounts and earn millions… The post Cybercriminals selling fraudulent Outlook accounts taken down by Microsoft appeared first on .

Since the public release of ChatGPT, the adoption of artificial (AI) and machine learning (ML) systems has seen a significant boost. Companies are now rushing to integrate AI technology for… The post AI under criminal influence: adversarial machine learning explained appeared first on .

Prospect Medical Holdings admits that it was hacked, with hundreds of thousands of employees and patients left affected. Prospect Medical Holdings is a healthcare company operating more than 150 clinics… The post Hackers attack US healthcare giant, more than 190K people affected appeared first on .

Inside the Newsletter | November 2023 Watch Out for Ransomware Pretending to Be a Windows Update!  Gadget of The Month  Smart Home Safety Tips  What Is Microsoft Sales Copilot? Biggest… The post November Newsletter appeared first on .

Thousands of users are expressing frustration on X or review sites, as Facebook’s fight against fake accounts affects innocent bystanders. In case your Facebook account gets hacked or disabled, prepare… The post Facebook has deleted four planets’ worth of fake users – while real people struggle to get support appeared first on .

Cl0p ransomware gang may have garnered a lot of attention with this year’s high-profile string of MOVEit hacks, but now it’s also on the radar of the cybersecurity industry. FalconFeeds.io… The post Cl0p study sheds light on rising ransom gang appeared first on .

Inside the Newsletter | September 2023 Spot Fake LinkedIn Sales Bots Have You Tried Microsoft Designer?  Technologies to Help Run Your Small Business Better Tech Trends to Fuel Your Growth… The post September Newsletter appeared first on .

Cloud-based software company Salesforce was left wide open to a cyberattack exploiting the reputation of tech giant Meta thanks to a previously undetected bug, cybersecurity firm Guardio has disclosed. “The… The post Zero-day bug exploiting Meta hits Salesforce appeared first on .

While the performance of current AI systems may seem impressive, there’s a long way to go before we’re likely to see true human-like capabilities. AI is everywhere – or so… The post Three different types of artificial intelligence, explained appeared first on .

Inside the Newsletter | August 2023 What is Zero-Click Malware? Common Tech Myths 7 Cybersecurity Risks of Remote Work Page  7 Advantages of a Defense-in-Depth / Cybersecurity Strategy Page  Tech… The post August Newsletter appeared first on .

ChatGPT’s API program, designed to incorporate artificial intelligence (AI) functionality into pre-existing apps and software, comes with a considerable cybersecurity risk, warns analyst Endor Labs. Its research team found that… The post Malware risk in AI software packages, warns analyst appeared first on .

Millions of malicious IP addresses are analyzing the internet daily in an attempt to find security holes in networks. CrowdSec has recently released a Majority Report looking into the landscape… The post No, criminals are not in love with VPNs, expert insists appeared first on .

Inside the Newsletter | July 2023 Is Your Online Shopping App Invading Your Privacy? How Microsoft 365 Copilot Is Going to Transform M365 Apps Fight Business Email Compromise 10 Helpful… The post July Newsletter appeared first on .

Managing data and IT solutions in-house can be challenging and expensive. That’s why many organizations turn to MSPs. Digitalization has forced businesses to alter their operations and make IT a… The post What Is an MSP (And How to Choose the Right One for Your Business) appeared first on .

Cloud computing has been front and centre of the global shift to remote working. Find out how you can maximize this technology for your small business. The onset of the… The post Seven Ways to Maximize Cloud Solutions for Your Small Business appeared first on .

Inside the Newsletter | June 2023 Is it time to ditch the password for more secure passkeys? Create dashboard in power BI What is push-bombing? How to use ChatGPT at… The post June Newsletter appeared first on .

Most of us have heard that chip cards are more secure. When it comes to processing credit cards and debit cards, chip cards have been the standard for many years.… The post Is Swiping Chip Cards Putting Your Business at Risk? appeared first on .

Discover the compelling potential while exploring the ethical implications of an AGI-defined future. In 2023, tech giants are racing to leverage generative AI. Many are already looking beyond the capabilities… The post Unleashing artificial general intelligence: utopia or dystopia? appeared first on .

HAYS, Kan. – Kansas farmers battered by drought and heat now have more weather to worry about — in outer space. An expected surge in solar flares over the next several… The post How weather in outer space could cost Midwestern farmers $1 billion appeared first on .

We’ve compiled a list of disruptive innovations that are shaping the technological landscape around the world and shaping our future through reports from reputable scientific journals and the world’s largest… The post 10 Most Important Technologies Of 2023 appeared first on .

Online reputation can make or break your chances of landing and retaining clients. That’s why managing this aspect in your business is critical. Your store, whether brick-and-mortar or online, looks… The post The Importance of Online Reputation Management (And 8 Tips To Improve It) appeared first on .

Scaling your business doesn’t just entail having suitable systems, staff, or partners. It also includes finding new and innovative ways to save time and money. And that’s where Virtual Reality… The post Immersive Experiences Can Scale Your Business – The 5 Ways Virtual Reality Can Save Your Business Time and Money appeared first on .

When you see those people with two monitors, you may assume they do some specialized work that requires all that screen space, or they just really like technology. But having… The post Are Two Monitors Really More Productive Than One? appeared first on .

New research shows hackers are exploiting ChatGPT to write usable malware and sharing their results on the dark web. The latest report, from cybersecurity software retailer Check Point, backs recent… The post Threat actors can use ChatGPT to create deployable malware appeared first on .

Just five or six years ago, VoIP was still considered a “different” type of business phone system. One that wasn’t the norm. But the pandemic changed that way of thinking.… The post What Are the Most Helpful VoIP Features for Small Businesses? appeared first on .

Leaked API keys of three popular email service providers allowed threat actors to perform various unauthorized actions such as sending emails, accessing mailing lists and personal data, deleting API keys,… The post MailChimp, Mailgun, and Sendgrid API leak endangered over 54m users appeared first on .

It seems that nearly as long as passwords have been around, they’ve been a major source of security concern. Eighty-one percent of security incidents happen due to stolen or weak passwords. Additionally,… The post What Are the Advantages of Implementing Conditional Access? appeared first on .

The use of artificial intelligence (AI) in cyberattacks is quite limited, but the situation might change, and soon, with intrusions becoming much more advanced than current incidents, a new report… The post AI-enabled cyberattacks might become norm in next five years appeared first on .

With the continuing shift towards remote working, health is an ongoing concern. Find out how to stay healthy even when you’re working from home. The global pandemic resulted in many… The post Working From Home – The Six Simple Ways to Stay Healthy When You’re No Longer Commuting appeared first on .

After being the main entry to the internet in the late 1990s and early 2000s, Internet Explorer (IE) is gone. As of June 15, 2022, Microsoft dropped the web browser from support.… The post Internet Explorer Has Lost All Support (What You Need to Know) appeared first on .

The pandemic has been a reality that companies around the world have shared. It required major changes in how they operate. No longer, did the status quo of having everyone… The post 5 Mistakes Companies Are Making in the Digital Workplace appeared first on .

Microsoft has acknowledged a critical zero-day vulnerability in Windows affecting all major versions, including Windows 11, Windows 10, Windows 8.1, and even Windows 7. The vulnerability, identified with the tracker… The post How to Fix Microsoft “Follina” MSDT Windows Zero-Day Vulnerability appeared first on .

Cyberattacks grabbed headlines throughout 2021 as massive disruptions affected government agencies, major companies and even supply chains for essential goods like gasoline and meat. The year started off on a… The post Hacks, ransomware and data privacy dominated cybersecurity appeared first on .

The US Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors. Bleeping computer… The post FBI: Ransomware gang breached 52 US critical infrastructure orgs appeared first on .

Trying to stop all spam email is tough, but there are ways for you to thwart the majority of it from reaching your inbox.  Spam email is unwanted and often… The post 7 ways to stop spam email from clogging your inbox appeared first on .

  China had its sputnik moment in March 2016. That month an artificial intelligence programme, AlphaGo, beat a South Korean grandmaster at Go, an extremely complex and demanding Chinese board game.… The post TechScape: how China became an AI superpower ready to take on the United States appeared first on .

Earlier this year, news broke that foreign hackers had for months been secretly monitoring email accounts and communications between US government officials in charge of identifying foreign threats to national security. The… The post Doing these 5 things can help you lock down your Microsoft 365 account and keep hackers at bay appeared first on .

Will Microsoft Edge soon mount a genuine challenge to Chrome?   New data suggests Microsoft Edge is slowly beginning to lure users away from Google Chrome, which has had a stranglehold on the web… The post Browser wars: Microsoft Edge is beginning to steal users from Google Chrome appeared first on .

CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory that details how Russian state-sponsored cyber actors accessed a network with misconfigured default multifactor authentication (MFA) protocols.… The post Russian State-Sponsored Cyber Actors Access Network Misconfigured with Default MFA Protocols appeared first on .

It is not uncommon for companies to lose data, including national ID and Social Security numbers. But in many cases, corporate secrets are leaked by malicious insiders. Recently, an employee… The post Spiteful employees cause over a quarter of data loss incidents appeared first on .

Island nation’s health system workers fell back on using phones after a cyberattack knocked out IT systems. The chief governing body of Greenland, Naalakkersuisut, announced that a cyberattack caused IT… The post Cyberattack behind Greenland’s healthcare ‘system crash’ appeared first on .

A torn-down virtual infrastructure creates risks for any business. And it can have a significant impact on how quickly you can retrieve your data and resume operations following an attack.… The post The Critical Importance of Virtualized Infrastructure Security (And 4 Ways to Enhance It) appeared first on .

Ransomware is malware that encrypts your files or stops you from using your computer until you pay money (a ransom) for them to be unlocked. If your computer is connected to… The post Protect your PC from ransomware appeared first on .