In a Post-Macro World, Container Files Emerge as Malware-Delivery Replacement
Threat actors have sharply reduced the use of one of their favorite malware distribution tactics following Microsoft's decision earlier this year to disable Office macros in documents downloaded from the...
1,000s of Phishing Attacks Blast Off From InterPlanetary File System
The distributed, peer-to-peer (P2P) InterPlanetary File System (IPFS) has become a hotbed of phishing-site storage: Thousands of emails containing phishing URLs utilizing IPFS are showing up in corporate inboxes.
According to a...
APT-Like Phishing Threat Mirrors Landing Pages
A phishing campaign is underway that uses mirror images of target organizations' landing pages to trick victims into entering login credentials.
According to a report from security firm Avanan, the...
Patch Now: Atlassian Confluence Bug Under Active Exploit
A critical Atlassian Confluence vulnerability that was disclosed last week is now being actively exploited in the wild, researchers are warning.
According to researchers at Rapid7, the bug in question...
Average Data Breach Costs Soar to $4.4M in 2022
Sixty percent of breaches have resulted in companies recouping the cost of fines, clean-up, and technological improvements by increasing prices, essentially making consumers pay for breaches and companies' lack...
US Offers $10M Double-Reward for North Korea Cyberattacker Info
The federal Rewards for Justice program has doubled, to $10 million, the available reward for useful information about North Korean state-sponsored actors' attacks on US healthcare systems and other...
Multiple Windows, Adobe Zero-Days Anchor Knotweed Commercial Spyware
A cyber-weapons broker dubbed Knotweed has been outed, with Microsoft flagging it as being behind numerous spyware attacks on law firms, banks, and strategic consultancies in countries around the...
Discord, Telegram Services Hijacked to Launch Array of Cyberattacks
Threat actors have figured out how to use the existing functionality and infrastructure of popular messaging apps such as Telegram and Discord to host, launch, and execute a variety of...
Economic Downturn Raises Risk of Insiders Going Rogue
Declining economic conditions could make insiders more susceptible to recruitment offers from threat actors looking for allies to assist them in carrying out various attacks.
Enterprise security teams need to...
LockBit 3.0: Significantly Improved Ransomware Helps the Gang Stay on Top
Reverse-engineering the latest ransomware executables from the group behind LockBit shows that the developers have added capabilities from other popular attack tools and are actively working to improve LockBit's...