Cybercriminals behind a successful phishing campaign have exposed more than 1,000 corporate employee credentials on the Internet, according to a warning from security vendor Check Point. read more
Department for Education says 'we believe this is not widespread' A shipment of laptops supplied to British schoolkids by the Department for Education to help them learn under lockdown came preloaded with malware, The Register can reveal.…
Thorough counter-detection methods laid bare by Redmond The SolarWinds hackers triggered one of their Cobalt Strike implants in the firm's network through a cunning VBScript that was activated by a routine system process, Microsoft has said.…
Security updates released this week by the developers of the Drupal content management system (CMS) patch a vulnerability identified in a third-party library. read more
Researchers warn that attackers are collecting reconnaissance for future business email compromise attacks using Google Forms.
A phishing campaign spoofs Xerox notifications to lure victims into clicking on malicious HTML attachments.
Here's the latest podcast - listen now!
Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop - Microsoft Security
https://www.thedailybeast.com/why-russias-overseas-spies-keep-getting-caughtWhy Russia’s Overseas Spies Keep Getting Caught
https://www.youtube.com/watch?v=aVr8ZuSf26QSome great talks.
https://www.bbc.co.uk/sounds/play/b00rdxm1Document - Propaganda in Northern Ireland - BBC Sounds
‘I Was Running Two Parallel Lives’: An Ex-Secret Service Agent Opens Up About Going Undercover To Catch Cybercriminals | The Record by Recor
The more things change... the more they stay the same!
The attack vector was not the Orion platform but rather an email-protection application for Microsoft 365.
A recently identified malvertising campaign targeting mobile and other connected devices users makes heavy use of obfuscation and cloaking to avoid detection. read more
