Email Defenses Under Siege: Phishing Attacks Dramatically Improve
This week's report that cyberattackers are laser-focused on crafting attacks specialized to bypass Microsoft's default security showcases an alarming evolution in phishing tactics, security experts said this week.Threat actors...
Meta Flags Malicious Android, iOS Apps Affecting 1M Facebook Users
Facebook is contacting about 1 million users of its platform about their account details potentially being compromised by malicious Android or iOS applications.In a blog post on Oct. 7,...
LofyGang Uses 100s of Malicious NPM Packages to Poison Open Source Software
The LofyGang threat group is using more than 200 malicious NPM packages with thousands of installations to steal credit card data, and gaming and streaming accounts, before spreading stolen credentials and loot...
Russian Hackers Shut Down US State Government Websites
A hacktvist group with ties to the Russian government has claimed credit for cyberattacks on the government websites of three US states: Colorado, Kentucky, and Mississippi. The sites for Mississippi...
Russia-Linked Cybercrime Group Hawks Combo of Malicious Services With LilithBot
An emerging Russia-linked threat group is ramping up its malware-as-a-service operation by packaging several of its modules into a multifunctional malware offering, dubbed LilithBot, that it's peddling via Telegram.The Eternity...
US Consumers Are Finally Becoming More Security & Privacy Conscious
A survey on US consumer attitudes toward online privacy and security holds some potentially good news for enterprise organizations in an era of work-from-home and hybrid work models.The survey...
Relentless Russian Cyberattacks on Ukraine Raise Important Policy Questions
SECTOR 2022 -- Toronto — The first shots in the Russia-Ukraine cyberwar were fired virtually on Feb. 23, when destructive attacks were launched against organizations the day before Russian...
RatMilad Spyware Scurries onto Enterprise Android Phones
Attackers have been using a new spyware against enterprise Android devices, dubbed RatMilad and disguised as a helpful app to get around some countries' Internet restrictions.
For now, the campaign...
NullMixer Dropper Delivers a Multimalware Code Bomb
It's only after a user clicks a malicious link, downloads the malware, and then launches it that NullMixer is deployed. But once the dropper infects a victim's system, it...
CISA: Multiple APT Groups Infiltrate Defense Organization
Multiple advance persistent threat (APT) groups gained access to the network of a US-based defense organization in January 2021, extensively compromising the company's computers, network, and data for nearly...