QuickBooks Vishing Scam Targets Small Businesses
Cybercriminals are posing as Intuit's popular accounting software package QuickBooks to target Google Workspace and Microsoft 365 small business users in a voice-phishing scam.
The campaign sends a false invoice...
‘Nobody is holding them back’ — North Korean cyber-attack threat rises
North Korea-backed cyberattacks on cryptocurrency and tech firms will only become more sophisticated over time as the country battles prolonged economic sanctions and resource shortages. Former CIA analyst Soo Kim...
More than $4.7M stolen in Uniswap fake token phishing attack
A sophisticated phishing campaign targeting liquidity providers (LPs) of the Uniswap v3 protocol has seen attackers make off with at least $4.7 million worth of Ether (ETH). However, the...
‘Luna Moth’ Group Ransoms Data Without the Ransomware
A little social engineering and commercially available remote administration tools (RATs) and other software are all the new Luna Moth ransom group has needed to infiltrate victims' systems and...
Fake Google Software Updates Spread New Ransomware
Threat actors are increasingly using fake Microsoft and Google software updates to try to sneak malware on target systems.
The latest example is "HavanaCrypt," a new ransomware tool that researchers...
Understanding your API attack surface: How to get started
We live in a world of cloud computing, mobile devices and microservices. Nearly every application we interact with is powered by APIs, often many, especially when dealing with the...
Microsoft Reverses Course on Blocking Office Macros by Default
Updated 5:19 p.m. EDT to include Microsoft's clarification that the change is temporary.
Several security experts expressed disappointment this week at Microsoft's quiet reversal Wednesday of a decision it had...
What is Infrastructure as Code? The Best Way to Fully Control Your Cloud Configuration
Cloud-first computing has taken the tech world by storm, and for good reason. Cloud native infrastructure gives developers and organizations the tools to create and scale new software more...
ICYMI: Critical Cisco RCE Bug, Microsoft Breaks Down Hive, SHI Cyberattack
Cybercrime never sleeps — but editors do. To cap off this short Fourth of July week, Dark Reading's editors are collecting all of the interesting threat intelligence and cyber-incident stories...
In Switch, Trickbot Group Now Attacking Ukrainian Targets
In a break from precedent, Russia's hitherto purely financially motivated Trickbot threat group has systematically been attacking targets in Ukraine over the past three months, apparently in support of...