The threat group used forged authentication tokens - with an acquired Microsoft account consumer signing key - to access the email accounts of more than two dozen organizations.
Jackie Burns Koven, head of cyber threat intelligence at Chainalysis, talks about cryptocurrency-related cybercrime.
The Microsoft zero-day flaw (CVE-2023-36884) is being leveraged by a Russia-based cybercriminal group in phishing emails sent to defense and government entities in Europe and North America.
An undocumented malicious driver called RedDriver uses an open-source tool to forge signature timestamps, as a way to bypass Microsoft’s Windows driver signature enforcement policies.
A California man allegedly gained unauthorized access to a water treatment plant network, “causing a threat to public health and safety,” according to the DoJ.
The update for the flaw (CVE-2023-37450) is available for iOS 16.5.1, macOS Ventura 13.4.1 and iPadOS 16.5.1.
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
Progress Software has released a service pack that addresses three new vulnerabilities in its MOVEit Transfer application.
CISA warned of an increase in TrueBot malware attacks that exploit a known remote code execution flaw in the Netwrix Auditor application.
Operation Nervone shows how international and private-public sector collaboration is essential in identifying and arresting cybercriminals.
The Charming Kitten attack group is using new tools and tactics in recent operations, including a new macOS backdoor called NokNok.
A new bug in the Linux kernel (CVE-2023-3269) known as StackRot has been fixed in versions 6.1-6.4.
The critical flaw is exploitable remotely and has a low attack complexity, warns CISA.
A new, previously undetected version of the Rustbucket macOS malware has been discovered in an intrusion by a known North Korean APT group.
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.