Clik here to view.
How to harden your Active Directory against Kerberoasting
Kerberoasting is a common attack targeting Microsoft Active Directory, enabling attackers to compromise service accounts with low risk of detection. Because it manipulates legitimate accounts, it can...
View ArticleClik here to view.
US nuclear weapons agency hacked in Microsoft SharePoint attacks
Unknown threat actors have breached the National Nuclear Security Administration’s network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain. NNSA is a...
View ArticleClik here to view.
NPM package ‘is’ with 2.8M weekly downloads infected devs with malware
The popular NPM package ‘is’ has been compromised in a supply chain attack that injected backdoor malware, giving attackers full access to compromised devices. This occurred after maintainer accounts...
View ArticleClik here to view.
Hackers fooled Cognizant help desk, says Clorox in $380M cyberattack lawsuit
Clorox is suing IT giant Cognizant for gross negligence, alleging it enabled a massive August 2023 cyberattack by resetting an employee’s password for a hacker without first verifying their identity....
View ArticleClik here to view.
Brave blocks Windows Recall from screenshotting your browsing activity
Brave Software says its privacy-focused browser will block Microsoft’s Windows Recall from capturing screenshots of Brave windows by default to protect users’ privacy. Windows Recall is an opt-in...
View ArticleClik here to view.
Microsoft: SharePoint flaws exploited in Warlock ransomware attacks
A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain. Non-profit...
View ArticleClik here to view.
SonicWall urges admins to patch critical RCE flaw in SMA 100 devices
SonicWall urges customers to patch SMA 100 series appliances against a critical authenticated arbitrary file upload vulnerability that can let attackers gain remote code execution. The security flaw...
View ArticleClik here to view.
Hackers breach Toptal GitHub account, publish malicious npm packages
Hackers compromised Toptal’s GitHub organization account and used their access to publish ten malicious packages on the Node Package Manager (NPM) index. The packages included data-stealing code that...
View ArticleClik here to view.
Mitel warns of critical MiVoice MX-ONE authentication bypass flaw
Mitel Networks has released security updates to patch a critical-severity authentication bypass vulnerability impacting its MiVoice MX-ONE enterprise communications platform. MX-ONE is the company’s...
View ArticleClik here to view.
Hacker sneaks infostealer malware into early access Steam game
A threat actor called EncryptHub has compromised a game on Steam to distribute info-stealing malware to unsuspecting users downloading the title. A few days ago, the hacker (also tracked as...
View ArticleClik here to view.
New Koske Linux malware hides in cute panda images
A new Linux malware named Koske may have been developed with artificial intelligence and is using seemingly benign JPEG images of panda bears to deploy malware directly into system memory. Researchers...
View ArticleClik here to view.
BlackSuit ransomware extortion sites seized in Operation Checkmate
Law enforcement has seized the dark web extortion sites of the BlackSuit ransomware operation, which has targeted and breached the networks of hundreds of organizations worldwide over the past several...
View ArticleClik here to view.
Woman gets 8 years for aiding North Koreans infiltrate 300 US firms
Christina Marie Chapman, a 50-year-old woman from Arizona, was sentenced to 102 months in prison after pleading guilty to her involvement in a scheme that enabled North Korean IT workers to infiltrate...
View ArticleClik here to view.
US sanctions North Korean firm, nationals behind IT worker schemes
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned three North Korean nationals and a company for supporting fraudulent IT worker schemes that generated...
View ArticleClik here to view.
The role of the cybersecurity PM in incident-driven development
Article written by cybersecurity expert Yuriy Tsibere. Gone are the days when cybersecurity meant stopping annoying viruses like the Love Bug. Today, it’s about battling a massive, financially...
View ArticleClik here to view.
Amazon AI coding agent hacked to inject data wiping commands
A hacker planted data wiping code in a version of Amazon’s generative AI-powered assistant, the Q Developer Extension for Visual Studio Code. Amazon Q is a free extension that uses generative AI to...
View ArticleClik here to view.
Post SMTP plugin flaw exposes 200K WordPress sites to hijacking attacks
More than 200,000 WordPress websites are using a vulnerable version of the Post SMTP plugin that allows hackers to take control of the administrator account. Post SMTP is a popular email delivery...
View ArticleClik here to view.
Allianz Life confirms data breach impacts majority of 1.4 million customers
Insurance company Allianz Life has confirmed that the personal information for the “majority” of its 1.4 million customers was exposed in a data breach that occurred earlier this month. “On July 16,...
View ArticleClik here to view.
Scattered Spider is running a VMware ESXi hacking spree
Scattered Spider hackers have been aggressively targeting virtualized environments by attacking VMware ESXi hypervisors at U.S. companies in the retail, airline, transportation, and insurance sectors....
View ArticleClik here to view.
Threat actors try to downgrade FIDO2 MFA auth in PoisonSeed phishing attack
Update 7/25:25: Expel researchers have recanted their story, stating that while the the threat actors are attempting to use a phishing attacks to bypass FIDO authentication, the Cross-Device...
View Article