Ransomware attackers compromised deceased employee's account to access a domain admin account. The incident is a sad reminder of some cyber hygiene standards too often overlooked. The post Even dead...
While Apple has a significant focus on making iOS secure, one researcher said increasingly complex capabilities often bring vulnerabilities. The post Apple Patches Three New iOS Zero-Days appeared...
Cybersecurity researchers and the U.S. Cyber Command are warning users about a decade-old buffer overflow bug in sudo that can grant root access to malicious users with low level access to systems....
The voluntary, collaborative posture taken by different private and public stakeholders is what sets this takedown apart from others. The post Law enforcement strikes back at Emotet, one of the...
FBI Director Christopher Wray speaks at an event in Washington, D.C. Security pros knew that attacks on VPNs had become serious when the FBI and CISA issued a warning last fall. Today’s columnist,...
Cybercriminals have been using a phishing kit featuring fake Office 365 password alerts as a lure to target the credentials of chief executives, business owners and other high-level corporate...
Attackers exploit Microsoft 365 “read receipt” and “out of office” message loopholes to evade auto-remediation of a malicious email. The post BEC attack techniques exploit Microsoft 365 messages...
Aspiring infosec professionals have the opportunity to hone their craft as companies develop talent from within, potentially with government funding, and chip away at the diversity problem. The post...
With backing from Google infrastructure and support from a host of industry partners, the features have the potential to significantly expand the footprint of zero trust solutions within industry...
Depending on how widespread the compromises were, it could potentially taint some research and defensive strategies that threat intelligence firms share with businesses and other organizations. The...