SEARCH
Microsoft Warns of Ongoing Nobelium Supply Chain Attacks
Microsoft said that the threat group has used phishing and password-spraying attacks to compromise at least 14 IT service providers this year.
Decipher Podcast: Courtney Nash
Courtney Nash of Verica joins Dennis Fisher to talk about the new Verica Open Incident Database, which centralizes reports of software outages, security incidents, and near misses, and why studying the way systems fail is so valuable.
Researcher Discovers Private Keys to Decrypt Rogue Cobalt Strike Beacon Communications
Didier Stevens has discovered several shared keypairs used by rogue Cobalt Strike implementations used by malicious actors.
TodayZoo Phishing Kit Used to Swipe Microsoft Credentials
Microsoft researchers said TodayZoo, used for a massive campaign aimed at stealing victims’ credentials, was pieced together from an old phishing kit template.
U.S. Export Controls Crack Down on Surveillance Tools
A newly proposed interim final rule is the result of 2017 negotiations as part of the Wassenaar Arrangement after initial export rules were met with criticism.