The Iranian state-backed group targeted the operational technology of a critical national infrastructure (CNI) network and persisted in its network for years, but ultimately failed. […]
‘CoGUI’ Phishing Kit Helps Chinese Hackers Target Japan
Japan is being peppered with an overwhelming volume of spam, thanks to a new platform popular across the East China Sea. ​The original article found […]
Windows flaw exploited as zero-day by more groups than previously thought
A privilege escalation vulnerability that Microsoft patched as a zero-day in April was known and used by more groups than initially revealed, including the gang […]
Pakistani Firm Shipped Fentanyl Analogs, Scams to US
A Texas firm recently charged with conspiring to distribute synthetic opioids in the United States is at the center of a vast network of companies […]
Meta Wins Lawsuit Against Spyware Vendor NSO Group
The spyware company must pay the tech giant $168 million in punitive and compensatory damages after a 2019 attack targeting 1,400 devices. ​The original article […]
TikTok Fined €530 Million Over Chinese Access to EU Data
European regulators sent an unmistakable message about messing around with GDPR-protected data. How can organizations avoid similar compliance hassles? ​The original article found on darkreading […]
Play Ransomware Group Used Windows Zero-Day
Previously, Microsoft reported that Storm-2460 had also used the privilege escalation bug to deploy ransomware on organizations in several countries. ​The original article found on […]
Security update causes new problem for Windows Hello for Business authentication
A fix introduced into Windows last month to close a weakness in Kerberos authentication is causing logon failures for some Windows Hello for Business (WHfB) […]
"Bring Your Own Installer" Attack Targets SentinelOne EDR
Researchers from Aon’s Stroz Friedberg incident response firm discovered a new attack type, known as “Bring Your Own Installer,” targeting misconfigured SentinelOne EDR installs. ​The […]
Samsung MagicINFO Server Flaw Now Actively Exploited – Huntress Uncovers Real-World Attacks
Cybersecurity researchers at Huntress have issued a warning after confirming active exploitation of a critical remote code execution (RCE) vulnerability in Samsung’s MagicINFO 9 digital […]