The Frontier of Security: Safeguarding Non-Human Identities
Dropbox, Microsoft, Okta – not only are these all major software companies, but each of them has fallen victim to…
390,000 WordPress accounts stolen from hackers in supply chain attack
A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat…
Hackers exploit ProjectSend flaw to backdoor exposed servers
Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote…
Microsoft disrupts ONNX phishing-as-a-service infrastructure
Microsoft has seized 240 domains used by customers of ONNX, a phishing-as-a-service (PhaaS) platform, to target companies and individuals across…
Modern Phishing Challenges and the Browser Security Strategies to Combat Them
In today’s landscape of advanced phishing attacks, which leverage legitimate domains and sophisticated tactics to evade traditional security measures, it…
Fake Copyright Infringement Emails Spread Rhadamanthys
Attackers are triggering victims' deep-seated fear of getting in trouble in order to spread the sophisticated stealer across continents.
FIN7 hackers launch deepfake nude “generator” sites to spread malware
The notorious APT hacking group known as FIN7 launched a network of fake AI-powered deepnude generator sites to infect visitors with…
Google: Iran’s Charming Kitten Targets US Presidential Elections, Israeli Military
The threat group tracked as APT42 remains on the warpath with various phishing and other social engineering campaigns, as tensions…
Chinese hacking groups target Russian government, IT firms
A series of targeted cyberattacks that started at the end of July 2024, targeting dozens of systems used in Russian…
Point of entry: Why hackers target stolen credentials for initial access
Stolen credentials are a big problem, commonly used to breach networks in attacks. Learn more from Specops Software about checking…