Please turn on your JavaScript for this page to function normally.
How to recruit cybersecurity talent from atypical backgrounds

In this interview with Help Net Security, Max Shuftan, Director of Mission Programs & Partnerships at SANS Institute, talks about how companies and the cybersecurity …

email
IceID trojan delivered via hijacked email threads, compromised MS Exchange servers

A threat actor is exploiting vulnerable on-prem Microsoft Exchange servers and using hijacked email threads to deliver the IceID (BokBot) trojan without triggering email …

attacks
Attackers are exploiting recently patched RCE in Sophos Firewall (CVE-2022-1040)

A critical vulnerability (CVE-2022-1040) in Sophos Firewall is being exploited in the wild to target “a small set of specific organizations primarily in the South Asia …

tax season
Beware of old and new tax-themed scams and schemes

April 18 marks the end of the 2022 US tax season and those individuals who are yet to file their taxes should get a move on. But they should not throw caution to the wind, as …

Okta
Okta names contractor involved in Lapsus$ gang’s attack

Okta has released additional details about the security incident caused by the Lapsus$ gang, and has named the contractor involved: Sitel. What happened? “Like many SaaS …

Fraud losses
Internet crime in 2021: Investment fraud losses soar

Business email compromise/email account compromise scams still have the highest financial toll on victims, but investment fraud has also lead to massive losses last year, …

Okta
Microsoft and Okta confirm, detail impact of Lapsus$ gang’s attacks

Recent claims by the cyber extortion gang have been validated by Okta and Microsoft: Lapsus$ have managed to get their hands on some of Microsoft’s source code and have …

critical infrastructure
US critical infrastructure operators should prepare for retaliatory cyberattacks

US President Joe Biden has urged companies in critical infrastructure sectors to shore up their defenses against potential cyberattacks. The warning “Most of America’s …

Okta
Lapsus$ gang says it has breached Okta and Microsoft

After breaching NVIDIA and Samsung and stealing and leaking those companies’ propertary data, the Lapsus$ cyber extortion gang has announced that they have popped …

snake, threat
Attackers employ novel methods to backdoor French organizations

An advanced threat actor has been spotted using distinctive, novel methods to backdoor French entities in the construction, real estate, and government industries. How the …

access
The TTPs of Conti’s initial access broker

Automation might be the way to go for many things, but a recently published report by Google’s Threat Analysis Group (TAG) shows why targeted phishing campaigns …

biohazard
Trickbot uses compromised MikroTik routers as C2 communication proxies

MikroTik routers are getting compromised to serve as communication proxies for Trickbot malware, to enable Trickbot-affected devices to communicate with their their C2 server …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools