Google Docs Comments Weaponized in New Phishing Campaign
The operators behind a recent phishing campaign are exploiting the commenting feature in Google Docs to send seemingly legitimate emails that convince targets to click malicious links.This isn't the...
New Mexico’s Bernalillo County Investigates Ransomware Attack
New Mexico's Bernalillo County closed most county buildings on Jan. 5 after a suspected ransomware attack targeted its systems.Bernalillo County is the most populous in New Mexico and includes...
NY AG: 1.1M Online Consumer Accounts Found Compromised in Credential-Stuffing Attacks
The Office of the Attorney General (OAG) for the state of New York today said a months-long investigation into credential-stuffing operations uncovered some 1.1 million consumer online accounts that had been...
New Attack Campaign Exploits Microsoft Signature Verification
Security researchers are observing a new campaign in which attackers abuse the Microsoft e-signature verification to deploy Zloader, a banking malware designed to steal user credentials and private information.This...
Why We Need To Reframe the False-Positive Problem
The concept of false positives has been pushed and pulled around for years in the cybersecurity industry. Countless vendor-sponsored studies reinforce the idea that false positives are directly contributing...
FTC: Companies Could Face Legal Action for Failing to Patch Log4j
The Federal Trade Commission (FTC) is warning US organizations they may face legal penalties if they don't take steps to protect consumer information from exposure via the Lo4j vulnerability.
In...
Google Buys Siemplify to Get Ahead in Cloud Security
Google has acquired security services provider Siemplify in an effort to add security orchestration, automation, and response (SOAR) capabilities to its Google Cloud security portfolio, augment its Chronicle security...
Attackers Exploit Log4j Flaws in Hands-on-Keyboard Attacks to Drop Reverse Shells
Microsoft this week warned organizations about the high potential for threat actors to expand the use of the recently discovered remote code execution (RCE) vulnerabilities in the Apache Log4j...
McMenamins Breach Affected 23 Years of Employee Data
McMenamins, an Oregon-based operator of restaurants, hotels, movie theaters, concert venues, and other events, has confirmed a December 2021 ransomware attack that compromised employee data going back to Jan....
Florida’s Broward Health Confirms October 2021 Breach
Florida's Broward Health hospital system has notified employees and patients of a data breach that occurred on Oct. 15 and compromised a wide range of personal and medical information.
An...