Innovator Spotlight: Concentric
Data security is more critical than ever as organizations manage vast amounts of sensitive information across cloud and on-premises environments.…
DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks
The "Code-on-Toast" supply chain cyberattacks by APT37 delivered data-stealing malware to users in South Korea who had enabled Toast pop-up…
Zero-Trust Endpoint Security
Zero-Trust Endpoint Security: How a Preventive Approach Can Limit Your Endpoint Attack Surface Endpoint security has become more critical than…
Microsoft creates fake Azure tenants to pull phishers into honeypots
Microsoft is using deceptive tactics against phishing actors by spawning realistic-looking honeypot tenants with access to Azure and lure cybercriminals…
MacOS Safari ‘HM Surf’ Exploit Exposes Camera, Mic, Browser Data
Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have…
Time to Get Strict With DMARC
Adoption of the email authentication and policy specification remains low, and only about a tenth of DMARC-enabled domains enforce policies.…
Microsoft warns it lost some customer’s security logs for a month
Microsoft is warning enterprise customers that, for almost a month, a bug caused critical logs to be partially lost, putting…
Fake Google Meet conference errors push infostealing malware
A new ClickFix campaign is luring users to fraudulent Google Meet conference pages showing fake connectivity errors that deliver info-stealing malware…
Sudanese Brothers Arrested in ‘AnonSudan’ Takedown
The U.S. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a.…
Iranian hackers act as brokers selling critical infrastructure access
Iranian hackers are breaching critical infrastructure organizations to collect credentials and network data that can be sold on cybercriminal forums…