LogoKit Group Aims for Simple Yet Effective Phishing
A phishing kit that uses embedded JavaScript targeted the users of more than 300 sites in the past week, aiming to grab credentials for SharePoint, Adobe Document Cloud, and...
Intl. Law Enforcement Operation Disrupts Emotet Botnet
Global law enforcement agencies have seized control of Emotet infrastructure, disrupting one of the world's most pervasive and dangerous cyber threats.A coordinated global law enforcement operation has disrupted the...
North Korean Attackers Target Security Researchers via Social Media: Google
Google TAG warns the infosec community of unsolicited requests from individuals seeking collaboration on vulnerability research.Security experts focused on vulnerability research and development are targets of a social engineering...
Pay-Or-Get-Breached Ransomware Schemes Take Off
In 2020, ransomware attackers moved quickly to adopt so-called "double extortion" schemes, with more than 550 incidents in the fourth quarter alone.The "pay or get breached" ransomware trend —...
Small Security Teams Have Big Security Fears, CISOs Report
Researchers poll security leaders who are tasked with protecting large organizations but have a small presence and budget.CISOs who lead small security teams at large organizations feel more vulnerable...
Why North Korea Excels in Cybercrime
North Korea is laser-focused on boosting its cyber capabilities, and it's doing a remarkable job of it.Although the US and the United Nations have levied sanctions meant to prevent...
7 Steps to Secure a WordPress Site
Many companies operate under the assumption that their WordPress sites are secure -- and that couldn't be anything further from the truth.1 of 8
WordPress sites account for more than...
Attackers Leave Stolen Credentials Searchable on Google
Operators behind a global phishing campaign inadvertently left thousands of stolen credentials accessible via Google Search.The attackers behind a summer 2020 phishing campaign accidentally exposed the credentials they stole...
SolarWinds Attack Underscores ‘New Dimension’ in Cyber-Espionage Tactics
Meanwhile, Malwarebytes is the latest victim, Symantec discovers a fourth piece of malware used in the massive attack campaign, and FireEye Mandiant releases a free tool to help spot...
Microsoft to Launch ‘Enforcement Mode’ for Zerologon Flaw
Enforcement mode for the Netlogon Domain Controller will be enabled by default with the Feb. 9 security update.Microsoft has warned IT security admins that starting with its Feb. 9,...
