Over the last few months, the topic of email bombing has been brought to our attention multiple times, mostly queries from customers that go something like this:
A phishing campaign targeting automotive, chemical, and industrial manufacturing companies in Germany and the UK is abusing HubSpot to steal Microsoft Azure account credentials. [...]
Gain insight into how Dutch school district, CVO Rotterdam e.o., is taking steps to ensure they have technical solutions in place that will help them comply with the new Normenkader Funderend...
Forescout Technologies has analyzed data from a public malware repository, revealing a persistent presence of malware targeting operational... The post New Forescout research details persistent...
Today, CISA urged senior government and political officials to switch to end-to-end encrypted messaging apps like Signal following a wave of telecom breaches across dozens of countries, including...
Today, CISA urged senior government and political officials to switch to end-to-end encrypted messaging apps like Signal following a wave of telecom breaches across dozens of countries, including...
Adam Griffin is still in disbelief over how quickly he was robbed of nearly $500,000 in cryptocurrencies. A scammer called using a real Google phone number to warn his Gmail account was being...
Specialized AI models provide precise, domain-specific solutions for robotics, biotech, and materials science challenges.
This is a comprehensive QRadar vs. Splunk SIEM tool comparison, covering their features, pricing, and more. Use this guide to find the best SIEM tool for you.
Malicious Visual Studio Code extensions were discovered on the VSCode marketplace that download heavily obfuscated PowerShell payloads to target developers and cryptocurrency projects in supply...
The U.S. has a strategic defense plan and multiple layers of defense for critical infrastructure, but significant gaps remain. This post outlines the critical and non-critical infrastructure...
Androxgh0st, a botnet targeting web servers since January 2024, is also deploying IoT-focused Mozi payloads, reveals CloudSEK’s latest research.
Trend Micro highlighted a case where an attacker posed as a client on an MS Teams call to distribute DarkGate malware
CERT Polska has received a report about 2 vulnerabilities ( CVE-2024-4995 and CVE-2024-4996) found in Wapro ERP Desktop software from Asseco Business Solutions.
Recorded Future, an American threat intelligence company, has become the first cybersecurity firm designated by the Russian government as an "undesirable" organization. [...]
The suspects were apprehended in a surprise operation at their hideout in Lagos following intelligence received by Nigeria's Economic and Financial Crimes Commission
Meta Platforms, the parent company of Facebook, Instagram, WhatsApp, and Threads, has been fined €251 million (around $263 million) for a 2018 data breach that impacted millions of users in the...
Interpol calls on the cybersecurity community, law enforcement, and the media to stop using the term "Pig Butchering" when referring to online relationship and investment scams, as it...
Industrial cybersecurity vendor Dragos highlighted that during the third calendar quarter of 2024 transformative shifts were observed in... The post Dragos reports ransomware shifts in Q3, with...
The Federal Bureau of Investigation (FBI) published Tuesday a Private Industry Notification (PIN) to spotlight HiatusRAT scanning campaigns... The post FBI warns of HiatusRAT scanning campaigns...
Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The issue, tracked as CVE-2024-53677, carries...
The Irish Data Protection Commission has fined Meta $263m for a 2018 data breach impacting 29 million Facebook accounts
While you're enjoying the holiday season, cybercriminals could be gearing up for their next big attack – make sure your company's defenses are ready, no matter the time of year
The European Commission is investigating whether TikTok allowed foreign actors to influence voters during recent Romanian elections
This article is the result of a joint investigation by Bellingcat and Lloyd’s List. Ukraine has said it is “outraged” after a Russian-flagged vessel surreptitiously exported grain from a port...
A phishing campaign targeting European companies used fake forms made with HubSpot's Free Form Builder, leading to credential harvesting and Azure account takeover. The post Effective Phishing...
The Cybersecurity and Infrastructure Security Agency (CISA) issued a binding directive on Tuesday giving federal agencies a series of deadlines to identify cloud systems, implement assessment...
Editor's note: The following blog post originally appeared on Levi Gundert's Substack page.IntroductionA past conversation with an undercover federal agent who specializes in money laundering...
In June 2024, Unit 42 researchers identified a phishing campaign targeting approximately 20,000 users in European automotive, chemical, and industrial compound manufacturing sectors, particularly...
OWASP has issued a new guide specifically for addressing and mitigating deepfake security risks by applying fundamental security principles.