The U.S. Treasury Department has sanctioned a network of individuals and front companies linked to North Korea’s Ministry of National Defense that have generated revenue via illegal remote IT work schemes. […]
Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting
The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that targets victims’ WhatsApp accounts, signaling a departure from its longstanding tradecraft in a likely attempt to evade detection.
“Star Blizzard’s targets are most commonly related to government or diplomacy (both incumbent and former position holders), defense policy or international relations
“Star Blizzard’s targets are most commonly related to government or diplomacy (both incumbent and former position holders), defense policy or international relations
Biden signs executive order to bolster national cybersecurity
Days before leaving office, President Joe Biden signed an executive order to shore up the United States’ cybersecurity by making it easier to sanction hacking groups targeting federal agencies and the nation’s critical infrastructure. […]
Cisco Unveils New AI Application Security Solution
Cisco has unveiled AI Defense, a solution designed to help organizations protect development and use of AI applications.
The post Cisco Unveils New AI Application Security Solution appeared first on SecurityWeek.
Wolf Haldenstein law firm says 3.5 million impacted by data breach
Wolf Haldenstein Adler Freeman & Herz LLP (“Wolf Haldenstein”) reports it has suffered a data breach that exposed the personal information of nearly 3.5 million individuals to hackers. […]
FTC sues GoDaddy for years of poor hosting security practices
The FTC will require web hosting giant GoDaddy to implement basic security protections, such as multi-factor authentication and HTTPS APIs, to settle charges that it failed to secure its hosting services against attacks since 2018. […]
Russian Cyberspies Caught Spear-Phishing with QR Codes, WhatsApp Groups
Microsoft researchers catches Russia’s Star Blizzard hackers spear-phishing with QR codes and WhatsApp group chats.
The post Russian Cyberspies Caught Spear-Phishing with QR Codes, WhatsApp Groups appeared first on SecurityWeek.
New UEFI Secure Boot flaw exposes systems to bootkits, patch now
A new UEFI Secure Boot bypass vulnerability tracked as CVE-2024-7344 that affects a Microsoft-signed application could be exploited to deploy bootkits even if Secure Boot protection is active. […]
MFA Failures – The Worst is Yet to Come
This article delves into the rising tide of MFA failures, the alarming role of generative AI in amplifying these attacks, the growing user discontent weakening our defenses, and the glaring vulnerabilities being frequently exploited. The storm is building, and the worst is yet to come. […]
Millions of Internet Hosts Vulnerable to Attacks Due to Tunneling Protocol Flaws
New research shows that over 4 million systems on the internet, including VPN servers and home routers, are vulnerable to attacks due to tunneling protocol flaws.
The post Millions of Internet Hosts Vulnerable to Attacks Due to Tunneling Protocol Flaws appeared first on SecurityWeek.