Required MFA Is Not Sufficient for Strong Security: Report
Attackers and red teams find multiple ways to bypass poorly deployed MFA in enterprise environments, underscoring how redundancy and good design are still required.Multi-factor authentication (MFA) is among the...
How law enforcement can stay a step ahead of hackers
Cybercrime presents a range of challenges for law enforcement officials around the globe. Investigating and responding to these incidents requires technical expertise, the ability to see beyond borders, and...
Credit card fraudster Sergey Pavlovich writes a new chapter
Editor’s note: The early 2000s were a ripe time for credit card fraud, and so-called “carders” like Sergey Pavlovich were making a killing. But his luck would fade in...
DoJ Seizes $2.3M in Bitcoin Paid to Colonial Pipeline Attackers
The amount allegedly represents a May 8 payment to the DarkSide ransomware group.The Department of Justice today confirmed its seizure of 63.7 bitcoins, currently valued at $2.3 million, that...
Microsoft CISO Shares Remote Work Obstacles & Lessons Learned
Bret Arsenault explains changes he implemented along the way as Microsoft's workforce went from 20% to 97% remote.Organizations around the world were forced to shut down their offices and...
FBI Issued Encrypted Devices to Capture Criminals
A sting operation delivered devices into the hands of global criminals and used the intelligence gathered to stop drug crimes.The FBI this week detailed the results of a years-long...
Microsoft Patches 6 Zero-Days Under Active Attack
The June 2021 Patch Tuesday fixes 50 vulnerabilities, six of which are under attack and three of which were publicly known at the time of disclosure.Microsoft today deployed patches...
Cartoon Caption Winner: Road Trip
Enterprise VulnerabilitiesFrom DHS/US-CERT's National Vulnerability Database
CVE-2021-23391PUBLISHED: 2021-06-07This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through...
CISA Warns Criminals Seek to Exploit Critical VMware Bug
Organizations running vCenter Server and VMware Cloud Foundation are urged to apply fixes deployed on May 25.The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has published...
Latvian Woman Charged for Role In Crafting Trickbot Malware
Alla Witte and her associates are accused of using Trickbot to infect tens of millions of computers around the world, the Justice Department reports.The US government has charged a Latvian...
