Security news that informs and inspires

All Articles

2327 articles:

Law Enforcement Agencies Arrested 65 in BEC Crackdown

A widespread, international crackdown on business email compromise resulted in the arrest of 65 suspects.

Business Email Compromise, FBI

CISA Warns of Attacks on UPS Devices

CISA is warning enterprises about ongoing attacks against Internet-connected UPS devices and encouraging them to change default credentials and enforce MFA.

CISA, IoT Security

Decipher Podcast: Caitlin Condon

Caitlin Condon, vulnerability research manager at Rapid7, talks about the rise of “widespread threats,” how the time to exploitation by attackers has shifted and what that means for security teams.

Podcast, Zero Day

FBI: Election Officials in Nine States Received Phishing Emails

U.S. election officials and other state and local government officials received invoice-themed phishing emails aiming to steal their credentials, warned the FBI.

Election Security, Elections, Phishing

IcedID Thread-Hijacking Attack Uses Compromised Exchange Servers

Attackers are using compromised Microsoft Exchange servers to launch thread-hijacking attacks that infect victims with the IcedID malware.

Malware, Phishing

Urgent Update for Chrome Fixes Zero Day Under Attack

Google has patched a zero day in the V8 engine in Chrome that is under active attack.

Google

Decipher Podcast: Source Code 3/25

This week's Source Code podcast by Decipher takes a look behind the scenes at top news with input from our sources.

Source Code, Podcast

Azure Developers Targeted By Malicious NPM Packages

A recent campaign targeted Azure developers with malicious npm packages designed to look like legitimate tools.

Supply Chain

North Korean Actors Exploited Chrome Flaw to Target U.S. Orgs

Google researchers have detailed campaigns by two North Korean government-backed groups that exploited a now-fixed Chrome flaw to target organizations across various industries.

Lazarus, Google Chrome, Exploit Kits

U.S. Indicts Four Russians Allegedly Behind Triton and Dragonfly Attacks

The U.S. has indicted four Russians it alleges are affiliated with the FSB and GRU units responsible for the Triton and Dragonfly attacks against critical infrastructure in the United States and abroad.

Russia

Lapsus$ Group Uses ‘Unique Blend’ of Social Engineering, Identity-Centric Tactics

The Lapsus$ group, which most recently claimed breaches of Microsoft and Okta, relies on several tactics used less frequently by other threat groups.

Data Breaches, Threat Actors

Microsoft Confirms Hack by Lapsus$ Group

Microsoft has confirmed that the Lapsus$ group gained "limited" access after the group leaked Bing, Bing Maps and Cortana source code.

Source Code, Microsoft

Okta Says Small Percentage of Customers Affected by Breach

The Lapsus$ hacking and extortion group claims to have had access to internal Okta systems since January, but the company said it looked into the incident at a third party and it was contained.

Okta, Data Breaches

FBI: AvosLocker Ransomware Hitting U.S. Critical Infrastructure

The AvosLocker ransomware-as-a-service is spread via ProxyShell exploits and spam email messages, and in some cases attackers threaten DDoS attacks during negotiations.

Ransomware, FBI

Google Details New ‘Exotic Lily’ Initial Access Group

A new initial access broker known as Exotic Lily has used exploits for zero days and sells network access to cybercrime teams such as FIN12 for ransomware deployment.

Google, Malware