Tag: Featured

January 19, 2022

Phishers are trying to harvest credentials for Office 365 or other business email accounts by impersonating the U.S. Department of Labor (DOL), Inky‘s researchers have warned. The ploy? The DOL is ostensibly inviting companies to submit “proposals from qualified contractors […]

January 19, 2022

The “simple but devastating flaw” in the encryption of the MY2022 app, which is used to monitor Covid and is mandatory for athletes, journalists and other attendees of the games in China’s capital, could allow health information, voice messages and […]

January 18, 2022

After a banner year for vulnerabilities and cyberattacks in 2021, organizations believe they are fighting a “losing battle” against security vulnerabilities and threats, “despite the billions of dollars spent collectively on cybersecurity technology,” according to an annual security report from […]

January 18, 2022

Ukraine said on Sunday that it had evidence Moscow was behind the attack last week that knocked out government websites — but the Kremlin has denied any involvement. NATO Secretary General Jens Stoltenberg said Friday that experts from NATO and […]

January 12, 2022

Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors. To that end, […]

January 12, 2022

Initially announced in early November 2021, the list includes more than 300 vulnerabilities that are a frequent attack vector in malicious attacks, and which represent a significant risk to federal organizations. The Known Exploited Vulnerabilities Catalog was published along with […]

January 11, 2022

Lookout, an endpoint-to-cloud cyber security company, have put together their cyber security predictions for 2022. 1 — Cloud connectivity and cloud-to-cloud connectivity will amplify supply-chain breaches One area organizations need to continue to monitor in 2022 is the software supply […]

January 11, 2022

Tracked as CVE-2021-30970, the new security error, which Microsoft calls powerdir, allows an attacker to bypass the platform’s Transparency, Consent, and Control (TCC) technology and “potentially orchestrate an attack based on the user’s protected personal data.” Introduced in 2012, TCC […]

January 10, 2022

For a growing number of organizations, IT environments encompass a blend of public cloud services, private clouds, and on-premises infrastructure—with the latter becoming an ever-smaller portion of the mix. The past two years have seen a major uptick in the […]

January 5, 2022

Cybersecurity researchers have taken the wraps of an organized financial-theft operation undertaken by a discreet actor to target transaction processing systems and siphon funds from entities primarily located in Latin America for at least four years. The malicious hacking group […]