Organizations Should Establish ‘Blame-Free Employee Reporting’ of...

CISA’s description of the latest phishing attempts fit the bill for spearphishing, where the attackers typically go after a high-profile victim who handles the company’s finances, or an executive.

Joker's Stash, the internet's largest carding forum, is shutting down

Joker's Stash, the internet's notorious and largest marketplace for buying & selling stolen card data, announced that it was shutting down within a month, on February 15, 2021.

NSA Warns Against Using DNS-over-HTTPS Inside Enterprise Networks, Urges Using Self-Hosted DNS Resolvers

The US National Security Agency has published today a guide on the benefits and risks of encrypted DNS protocols, such as DNS-over-HTTPS (DoH), which have become widely used over the past two years.

Iranian cyberspies behind major Christmas SMS spear-phishing campaign

An Iranian espionage group known as Charming Kitten has used the recent winter holiday break to attack targets from all over the world using a very sophisticated spear-phishing campaign that involved not only email attacks but also SMS messages.

Google reveals sophisticated Windows and Android hacking operation

Google published a six-part report today detailing a sophisticated hacking operation that the company detected in early 2020 and which targeted owners of both Android and Windows devices.

New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys

New research demonstrates how an adversary in possession of a two-factor authentication (2FA) device can clone it by exploiting an electromagnetic side-channel in the chip embedded in it.

Australian cybersecurity agency used as cover in malware campaign

Scammers coordinating these attacks are also actively attempting to convince potential victims to install remote administration and desktop sharing software to steal the targets' banking information.

PayPal phishing texts state your account is 'limited'

A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft purposes.

How to Detect and Search for SolarWinds IOCs in LogRhythm

LogRhythm Labs has gathered up the IOCs from CISA, Volexity, and FireEye associated with the recent SolarWinds supply chain attack and made them available in GitHub repository.

Hackers target COVID-19 vaccine supply chain and sell the vaccine in Darkweb

Cybersecurity experts from Cyble discovered in several forums on the dark web, the offer for enormous repositories of critical medical that wee stolen from multiple organizations.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags