Officials at the crypto-currency exchange Liquid released a blog stating they were a victim of a cyber-attack. The company stated that on Friday, November 13th, 2020 a hacker managed to compromise an employee email account. After the compromise, the attacker was able to pivot to the internal network of the company. Liquid stated that they detected the attack before any funds were able to be stolen, but the attacker still managed to steal some information. This information included names, home addresses, emails, and encrypted passwords of customers. The company believes that the attack used access to the company’s DNS records to redirect employees to fake login pages that captured the username (email) and password that was entered by the employees.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security