FanDuel Sportsbook Bettors Exposed in Mailchimp Breach

Amid all the NFL playoff action, FanDuel has sent an email warning to gamblers that their data was exposed in its third-party breach, putting them at risk for phishing attacks. [TechWeb]( Follow Dark Reading: [RSS]( January 24, 2023 LATEST SECURITY NEWS & COMMENTARY [FanDuel Sportsbook Bettors Exposed in Mailchimp Breach]( Amid all the NFL playoff action, FanDuel has sent an email warning to gamblers that their data was exposed in its third-party breach, putting them at risk for phishing attacks. [Pair of Galaxy App Store Bugs Offer Cyberattackers Mobile Device Access]( Devices running Android 12 and below are at risk of attackers downloading apps that direct users to a malicious domain. [Hunting Insider Threats on the Dark Web]( Use threat intelligence to reduce chance of success for malicious insider and Dark Web threats. [(Sponsored Article) Shift Identity Left: Preventing Identity-Based Breaches]( Traditional compliance and IAM are insufficient to secure the modern enterprise. We must shift left with modern access controls to avoid costly data breaches. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Compromised Zendesk Employee Credentials Lead to Breach]( Zendesk has alerted customers to a successful SMS phishing campaign that has exposed "service data," but details remain scarce. [PayPal Breach Exposed PII of Nearly 35K Accounts]( The credential-stuffing attack, likely fueled by password reuse, yielded personal identifiable information that can be used to verify the authenticity of previously stolen data. [The Evolution of Account Takeover Attacks: Initial Access Brokers for IoT]( Head off account takeover attacks by being proactive about IoT security. Start with designing and building better security protocols into IoT devices, always change weak default configurations, and regularly apply patches to ensure that IoT devices are secure. [MORE]( EDITORS' CHOICE [T-Mobile Breached Again, This Time Exposing 37M Customers' Data]( This time around, weak API security allowed a threat actor to access account information, the mobile phone giant reported. LATEST FROM THE EDGE [No One Wants to Be Governed, Everyone Wants to Be Helped]( Here's how a security team can present itself to citizen developers as a valuable resource rather than a bureaucratic roadblock. LATEST FROM DR TECHNOLOGY [Wallarm Aims to Reduce the Harm From Compromised APIs]( API Leak Management software discovers exposed API keys and other secrets, blocks their use, and monitors for abuse, the company says. WEBINARS - [Deciphering the Hype Around XDR]( Security teams are increasingly being asked about the organization's Extended Detection and Response capabilities. There is still a lot of confusion and misunderstanding about XDR and what it can accomplish. XDR goes beyond endpoint monitoring and detection, while extending visibility ... - [The Craziest Cyberattacks Seen In the Wild and How You Can Avoid Them]( It feels like we hear about a new devastating cyberattack in the news every day. And attack methods seem to be proliferating at an exponential rate. So, which tactics should you be aware of beyond standard "click and infect" attack ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( - [State of Email Security]( - [Ransomware Resilience and Response: The Next-Generation]( - [Ransomware Is On The Rise]( - [State of Ransomware Readiness: Facing the Reality Gap]( - [How Hybrid Work Fuels Ransomware Attacks]( [View More White Papers >>]( FEATURED REPORTS - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [How Machine Learning, AI & Deep Learning Improve Cybersecurity]( [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [SOCs to Face Greater Challenges From Cybercriminals Targeting Governments and Media in 2023]( [Organizations Likely to Experience Ransomware Threat in the Next 24 Months, According to Info-Tech Research Group]( [Magnet Forensics Inc. Enters Into Definitive Agreement to be Acquired by Thoma Bravo]( [Gartner Predicts 10% of Large Enterprises Will Have a Mature and Measurable Zero-Trust Program in Place by 2026]( [Supply Chain Security Global Market Report 2022: Sector to Reach $3.5 Billion by 2027 at an 11% CAGR]( [Cybersecurity Worries Around Hybrid Working Drop, but Many IT Leaders Still Concerned Over Cyber-Skills Gap]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [The Promise and Reality of Cloud Security]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)