90% of Successful Attacks Seen in the Wild Resulted in Leaked Sensitive Data – Dark Reading
Post Content – Read More
Cyber
Australia Intros Its First National Cyber Legislation – Dark Reading
The bill is broken up into several pieces, including ransomware reporting and securing smart devices, among other objectives. – Read More
Mamba 2FA Cybercrime Kit Targets Microsoft 365 Users – Dark Reading
A stealthy new underground offering uses sophisticated adversary-in-the-middle (AitM) techniques to convincingly serve up “Microsoft” login pages of various kinds, with dynamic enterprise branding. – Read More
3 More Ivanti Cloud Vulns Exploited in the Wild – Dark Reading
The security bugs were found susceptible to exploitation in connection to the previously disclosed, critical CVE-2024-8963 vulnerability in the security vendor’s Cloud Services Appliance (CSA). – Read More
Cloud, AI Talent Gaps Plague Cybersecurity Teams – Dark Reading
Cyber pros are scrambling to stay up-to-date as the businesses they work for quickly roll out AI tools and keep expanding their cloud initiatives. – Read More
Lamborghini Carjackers Lured by $243M Cyberheist – Krebs on Security
The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later — while out house-hunting in…
Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale – The Hacker News
Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams. The initiative, which has been codenamed the…
Microsoft October update patches two zero-day vulnerabilities it says are being actively exploited – CSO Online
The drama of Patch Tuesday often revolves around zero days, which in October’s haul of 117 vulnerabilities brings patch managers a total of five that have been publicly disclosed. Of…
AI-Augmented Email Analysis Spots Latest Scams, Bad Content – Dark Reading
Multimodal AI systems can help enterprise defenders weed out fraudulent emails, even if the system has not seen that type of message before. – Read More
Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries – The Hacker News
Details have emerged about multiple security vulnerabilities in two implementations of the Manufacturing Message Specification (MMS) protocol that, if successfully exploited, could have severe impacts in industrial environments. “The vulnerabilities…
Building Cyber Resilience in SMBs With Limited Resources – Dark Reading
With careful planning, ongoing evaluation, and a commitment to treat cybersecurity as a core business function, SMBs can transform their vulnerabilities into strengths. – Read More
N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware – The Hacker News
Threat actors with ties to North Korea have been observed targeting job seekers in the tech industry to deliver updated versions of known malware families tracked as BeaverTail and InvisibleFerret.…
Social Media Accounts: The Weak Link in Organizational SaaS Security – The Hacker News
Social media accounts help shape a brand’s identity and reputation. These public forums engage directly with customers as they are a hub to connect, share content and answer questions. However,…
Microsoft: Creative Abuse of Cloud Files Bolsters BEC Attacks – Dark Reading
Since April, attackers have increased their use of Dropbox, OneDrive, and SharePoint to steal the credentials of business users and conduct further malicious activity. – Read More
The CISO’s guide to establishing quantum resilience – CSO Online
Pundits evangelize the benefits and challenges enterprises will face in a post-quantum era, but much still needs to be accomplished before these profound transformations of the computing world will appear…