New Mamba 2FA bypass service targets Microsoft 365 accounts
An emerging phishing-as-a-service (PhaaS) platform called Mamba 2FA has been observed targeting Microsoft 365 accounts in AiTM attacks using well-crafted…
Wisconsin DA investigating mayor’s removal of absentee ballot drop box
Mayor Doug Diny of Wausau, Wisconsin, posted a photo to social media showing himself removing an empty voting drop drop…
Timeshare Owner? The Mexican Drug Cartels Want You
The FBI is warning timeshare owners to be wary of a prevalent telemarketing scam involving a violent Mexican drug cartel…
New Eucleak attack lets threat actors clone YubiKey FIDO keys
A new "EUCLEAK" flaw found in FIDO devices using the Infineon SLE78 security microcontroller, like Yubico's YubiKey 5 Series, allows attackers…
Innovator Spotlight: BackBox
Revolutionizing Network Security Automation I recently spoke with Rekha Shenoy, CEO of BackBox during the BlackHat conference, and her insights…
Black Basta Cybersecurity Advisory: Endpoint Protection for Healthcare
Recent studies have estimated that as many as 90% of successful cyberattacks and 70% of data breaches originate at the endpoint.…
Innovator Spotlight: Gurucul
It was a privilege to meet with Saryu Nayyar, CEO of Gurucul, a prominent woman leader in the cybersecurity industry.…
Sheltering From the Cyberattack Storm – Part Two
In the first part of this series, I discussed sophisticated cyberattacks, analyzed an example, and offered advice on how to remediate…
Pluralsight Releases Courses to Help Cyber Pros Defend Against Volt Typhoon Hacker Group
PRESS RELEASE Pluralsight, the technology workforce development company, today announced the release of its expert-led...
Hackers now use AppDomain Injection to drop CobaltStrike beacons
A wave of attacks that started in July 2024 rely on a less common technique called AppDomain Manager Injection, which can…