Extortion Group Exploits Cloud Misconfigurations, Targets 110,000 Domains
An unknown threat group leveraged publicly exposed environment variables in organizations' AWS accounts to exfiltrate sensitive data and demand ransoms in a wide-ranging extortion campaign that targeted 110,000 domains ...
Mandatory MFA is Coming to Microsoft Azure
Microsoft is making MFA mandatory for signing into Azure accounts, the latest step in the IT vendor's Secure Future Initiative that it expanded in May in the wake of two embarrassing breaches ...
The Essential Guide to Evaluating Competitive Identity Verification Solutions
Amid customer and regulatory pressure and intensifying cyberattacks, organizations must ensure their identity verification strategies match up against AI-powered fraud techniques ...
Lawmakers Ask for Probe of Chinese Router Maker TP-Link
Two U.S. lawmakers are asking the Commerce Department to investigate whether the Wi-Fi routers built by Chinese company TP-Link could be used by Chinese-sponsored threat groups to infiltrate U.S. government and private ...
ReliaQuest: Watch Out for Info-Stealers and RATs
ReliaQuest ranked LummaC2 and SocGholish among the top malware seen in Q2 and rounded out the top five list with AsyncRat, Oyster, and the growing numbers of info-stealers that were built using ...
Don’t Mess With Texas Privacy: AG Sues GM for $18 BILLION
KP♡TX PII: “General Motors has engaged in egregious business practices that violated Texans’ privacy … in unthinkable ways,” rants state attorney general Ken Paxton (pictured) ...
Google: Iranian Group APT42 Behind Trump, Biden Hack Attempts
Google cybersecurity researchers confirm that the Iranian-sponsored APT42 threat group is being ongoing phishing campaigns against President Biden, Vice President Harris, and ex-President Trump in an attempt to influence the upcoming presidential ...
Microsoft’s August Security Update on High-Risk Vulnerabilities in Multiple Products
Overview On August 14, NSFOCUS CERT detected that Microsoft released a security update patch for August, which fixed 90 security issues involving widely used products such as Windows, Microsoft Office, Visual Studio ...
August Patch Pileup: Microsoft’s Zero-Day Doozy Dump
See These CVEs: Patch Tuesday—ten zero-days, seven Critical vulns, zero time to waste ...
Putting Threat Modeling Into Practice: A Guide for Business Leaders
By pushing past the hurdles that can make threat modeling challenging, business leaders can take full advantage of threat models to give their organizations a leg up in the battle against cyberattacks ...
