The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets. […]
Microsoft Outlook Flaw Exploited by Russia’s APT28 to Hack Czech, German Entities
Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S.
The Czech Republic’s Ministry of Foreign Affairs (MFA), in a statement, said some unnamed
The Czech Republic’s Ministry of Foreign Affairs (MFA), in a statement, said some unnamed
Android bug can leak DNS traffic with VPN kill switch enabled
A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the “Always-on VPN” feature was enabled with the “Block connections without VPN” option. […]
Android bug leaks DNS queries even when VPN kill switch is enabled
A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the “Always-on VPN” feature was enabled with the “Block connections without VPN” option. […]
NSA warns of North Korean hackers exploiting weak DMARC email policies
The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks. […]
Google rolls back reCaptcha update to fix Firefox issues
Google has rolled back a recent release of its reCaptcha captcha script after a bug caused the service to no longer work on Firefox for Windows. […]
NATO and EU condemn Russia’s cyberattacks against Germany, Czechia
NATO and the European Union, with international partners, formally condemned a long-term cyber espionage campaign against European countries conducted by the Russian threat group APT28. […]
Microsoft rolls out passkey auth for personal Microsoft accounts
Microsoft announced that Windows users can now log into their Microsoft consumer accounts using a passkey, allowing users to authenticate using password-less methods such as Windows Hello, FIDO2 security keys, biometric data (facial scans or fingerprints), or device PINs. […]
Expert-Led Webinar – Uncovering Latest DDoS Tactics and Learn How to Fight Back
In today’s rapidly evolving digital landscape, the threat of Distributed Denial of Service (DDoS) attacks looms more significant than ever. As these cyber threats grow in sophistication, understanding and countering them becomes crucial for any business seeking to protect its online presence.
To address this urgent need, we are thrilled to announce our upcoming webinar, “Uncovering Contemporary
To address this urgent need, we are thrilled to announce our upcoming webinar, “Uncovering Contemporary
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications
Threat actors have been increasingly weaponizing Microsoft Graph API for malicious purposes with the aim of evading detection.
This is done to “facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services,” the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.
This is done to “facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services,” the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.