As organizations on the continent expand their use of digital technologies, they increasingly face many of the same threats that entities in other regions have had to deal with for years.
Author: Jai Vijayan, Contributing Writer
Malvertisers Fool Google With AI-Generated Decoy Content
Seemingly innocent "white pages," including an elaborate Star Wars-themed site, are bypassing Google’s malvertising filters, showing up high in search results to lure users to second-stage phishing sites.
Midnight Blizzard Taps Phishing Emails, Rogue RDP Nets
The Russian-based attack group uses legitimate red-team tools, 200 domain names, and 34 back-end RDP servers, making it harder to identify and block malicious activity.
‘Termite’ Ransomware Likely Behind Cleo Zero-Day Attacks
The threat actor group recently took credit for a similar attack on Blue Yonder that affected multiple organizations, including Starbucks.
Microsoft NTLM Zero-Day to Remain Unpatched Until April
The second zero-day vulnerability found in Windows NTLM in the past two months paves the way for relay attacks and credential theft. Microsoft has no patch, but released updated NTLM cyberattack mitigation advice.
CISA Issues Guidance to Telecom Sector on Salt Typhoon Threat
Individuals concerned about the privacy of their communications should consider using encrypted messaging apps and encrypted voice communications, CISA and FBI officials say.
Misconfigured WAFs Heighten DoS, Breach Risks
Organizations that rely on their content delivery network provider for Web application firewall services may be inadvertently leaving themselves open to attack.
‘Bootkitty’ First Bootloader to Take Aim at Linux
Though it’s still just a proof of concept, the malware is functional and can evade the Secure Boot process on devices from multiple vendors.
‘Operation Undercut’ Adds to Russia Malign Influence Campaigns
Just like Russia’s Doppelgänger effort, the goal is to spread misinformation about Ukraine and Western efforts to help Ukraine in its war with Russia.
Russian Script Kiddie Assembles Massive DDoS Botnet
Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.