The malware loader was recently observed in almost two dozen email campaigns that appeared to target English speakers and involved lures related to shipping orders and billing, invoice and purchase requests or inquiries.
Public disclosure of the Caesars cyberattack comes as MGM Resorts continues to face disruption across its hotels and casinos due to a separate cyber incident.
Welcome back to Source Code, Decipher's weekly news wrap podcast with input from our sources.
Microsoft is warning enterprises about a recent Teams-based phishing campaign operated by a developing thrat group known as Storm-0342.
The Microsoft flaws join a rash of zero days disclosed over the past week by various companies, including Apple, Google and Adobe.
In an Open Source Software Security Roadmap released on Tuesday, the agency said it wants to build up the capabilities to better understand the complex open source ecosystem and create visibility around the security risks in this landscape.
Adobe is warning Acrobat and Acrobat Reader users about an actively exploited vulnerability in those products.
Google said that the flaw was reported by Apple’s Security Engineering and Architecture team and Citizen Lab on Sept. 6.
A new strain of infostealer targeting Macs, known as MetaStealer, is hitting enterprises.
Decipher editors Dennis Fisher and Lindsey O'Donnell-Welch break down a busy news week, including Microsoft's revelations about the theft of its signing key, the Trickbot group sanctions, and some new Apple iOS zero days.
Apple has rolled out iOS 16.6.1, iPadOS 16.6.1, watchOS 9.6.2 and macOS Ventura 13.5.2 to address the security flaws.
Fixes for both the Zoho and Fortinet vulnerabilities have been available since last year.
The Department of the Treasury and the U.K. government have sanctioned 11 alleged members of the Trickbot group and say the group is allied with Russian intelligence.
Microsoft answered lingering questions about how China-based threat actors acquired a Microsoft account consumer signing key, leading to the previously disclosed hack of several Outlook accounts.
A threat group, active for six years, has created an underground marketplace where it sells at least 16 custom tools and an advanced phishing kit to a clientele of at least 500 threat actors.