Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack
The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled…
New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts
Cybercriminals have been increasingly using a new phishing-as-a-service (PhaaS) platform named 'Tycoon 2FA' to target Microsoft 365 and Gmail accounts and…
Ukraine aid could be saved by obscure congressional rules, Reagan-era politics, Boll Weevils and Gypsy Moths
An obscure congressional rule could force the House to vote on Ukraine aid without Speaker Johnson's blessing, but the last…
How the Ukraine aid debate could bring back a House infestation of boll weevils and gypsy moths
A discharge petition are methods for a majority of House members to bypass the House Speaker, some members of Congress…
New Windows Server updates cause domain controller crashes, reboots
The March 2024 Windows Server updates are causing some domain controllers to crash and restart, according to widespread reports from Windows administrators.…
Bitcoin Fog mixer operator convicted for laundering $400 million
Russian-Swedish national Roman Sterlingov was convicted by a federal jury in Washington, D.C., for operating Bitcoin Fog between 2011 and…
Exploit available for new critical TeamCity auth bypass bug, patch now
A critical vulnerability (CVE-2024-27198) in the TeamCity On-Premises CI/CD solution from JetBrains can let a remote unauthenticated attacker take control…
Hackers target FCC, crypto firms in advanced Okta phishing attacks
A new phishing kit named CryptoChameleon is being used to target Federal Communications Commission (FCC) employees, using specially crafted single sign-on…
GitHub enables push protection by default to stop secrets leak
GitHub has enabled push protection by default for all public repositories to prevent accidental exposure of secrets such as access…
Malicious code in Tornado Cash governance proposal puts user funds at risk
Malicious JavaScript code hidden in a Tornado Cash governance proposal has been leaking deposit notes and data to a private…