CISA, Australia, Canada, New Zealand, & UK Issue Joint Advisory on Russian Cyber Threats
The US, Australia, Canada, New Zealand, and the UK today issued a detailed joint advisory on the increased risk of cyberattacks out of Russia — both nation-state espionage and cybercriminal activity.
The...
Okta Wraps Up Lapsus$ Investigation, Pledges More Third-Party Controls
Identity cloud provider Okta concluded its investigation into a recent breach of its systems by the Lapsus$ extortion group, which gained access to some of company's systems through a...
LinkedIn Brand Now the Most Abused in Phishing Attempts
Shipping, retail, and tech companies are no longer the most popular brands used to hide phishing attacks. Instead, social media platforms have become the brands of choice used to...
Zero-Day Exploit Use Exploded in 2021
Threat actors exploited more zero-day vulnerabilities in 2021 than any prior year and mostly in software from Microsoft, Google, and Apple.
State-backed advanced persistent threat actors remained the most prolific...
FBI Warns Ransomware Attacks on Agriculture Co-ops Could Upend Food Supply Chain
Ransomware operators are eyeing attacks on large networks of farmers, called agriculture cooperatives, during make-or-break planting and harvest seasons, when they are likely most desperate to pay, according to...
North Korean State Actors Deploying Novel Malware to Spy on Journalists
New analysis has attributed a spear-phishing campaign targeting journalists covering North Korea to APT37/Ricochet Chollimia, a state-backed group linked to the Democratic People's Republic of Korea (DPRK). Notably, researchers...
Iranian Hacking Group Among Those Exploiting Recently Disclosed VMware RCE Flaw
An Iranian cyber espionage group that some vendors track as Rocket Kitten has begun exploiting a recently patched critical vulnerability in VMware Workspace ONE Access/Identity Manager technology to deliver...
Cyber Conflict Overshadowed a Major Government Ransomware Alert
As the cyber dimension of the Ukraine conflict erupted, demonstrating the ungoverned and unstable nature of full-on cyberwar, a parallel ransomware alert from the US government got comparatively scant...
API Attacks Soar Amid the Growing Application Surface Area
Driven by the popularity of agile development, the usage of Web application programming interfaces (APIs) has increased dramatically, leaving software-focused companies with larger, and more vulnerable, attack surfaces that...
