Cybercriminals Don’t Care About National Cyber Policy
We can’t put defense on hold until Inauguration Day.
We can’t put defense on hold until Inauguration Day.
Related
China-Linked Threat Group Targets Japanese Orgs’ Servers
Winnti once used a variety of malware, but is now focused on SQL vulnerabilities and obfuscation, updated encryption, and new evasion methods to gain access.
CERT-UA Reports Cyberattacks Targeting Ukrainian State Systems with WRECKSTEEL Malware
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that no less than three cyber attacks were recorded against state administration bodies and critical infrastructure facilities in the country with an aim to steal sensitive data. The campaign, the agency said, involved the use of compromised email accounts to send phishing messages containing links…
New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records
Cybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands. DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the related activity under the moniker Morphing Meerkat….
CISA: Third-Party Data Breach Limited to Treasury Dept.
The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week.
CISA Warns of Attacks Targeting Commvault SaaS Environment
A threat actor has gained access to Microsoft 365 environments of a small number of customers of Commvault’s Metallic service.