Feds urge U.S. agencies to patch a Microsoft July Patch Tuesday 2022 bug that is being exploited in the wild by August 2.
Microsoft has linked a threat that emerged in June 2021 and targets small-to-mid-sized businesses to state-sponsored actors tracked as DEV-0530.
Since 2021, various state-aligned threat groups have turned up their targeting of journalists to siphon data and credentials and also track them.
Attackers used adversary-in-the-middle attacks to steal passwords, hijack sign-in sessions and skip authentication and then use victim mailboxes to launch BEC attacks against other targets.
Victims instructed to make a phone call that will direct them to a link for downloading malware.
Chris Hallenbeck, CISO for the Americas at Tanium, discusses the impact of geopolitical conflict on the cybersecurity insurance market.
Find out why a vital component of vulnerability management needs to be the capacity to prioritize from Mariano Nunez, CEO of Onapsis and Threatpost Infosec Insiders columnist.
In March, a North Korean APT siphoned blockchain gaming platform Axie Infinity of $540M.
The novel threat steals data and can affect all processes running on the OS, stealing information from different commands and utilities and then storing it on the affected machine.
State-sponsored actors are deploying the unique malware–which targets specific files and leaves no ransomware note–in ongoing attacks.