The threat actors are abusing the vulnerabilities to gain initial access, obtain credentials, and install malicious scripts on user devices.
Автор: Kristina Beek, Associate Editor, Dark Reading
Trump Pardons ‘Silk Road’ Dark Web Drug Market Creator
The pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering.
Email Bombing, ‘Vishing’ Tactics Abound in Microsoft 365 Attacks
Sophos noted more than 15 attacks have been reported during the past three months.
HPE Investigates After Alleged Data Breach
The company reports that it is not experiencing any operational issues within its business, so far.
Employees Enter Sensitive Data Into GenAI Prompts Far Too Often
The propensity for users to enter customer data, source code, employee benefits information, financial data, and more into ChatGPT, Copilot, and others is racking up real risk for enterprises.
US Sanctions Chinese Hacker & Firm for Treasury, Critical Infrastructure Breaches
The cyber actor played a role in the Treasury breach as well as attacks on critical infrastructure, linked to China-backed advanced persistent threat (APT) group Salt Typhoon.
FTC Orders GoDaddy to Fix Inadequate Security Practices
The FTC claims that the Web hosting company’s security failures led to several major breaches in the past few years.
CISA: Second BeyondTrust Vulnerability Added to KEV Catalog
BeyondTrust has patched all cloud instances of the vulnerability and has released patches for self-hosted versions.
FBI Wraps Up Eradication Effort of Chinese ‘PlugX’ Malware
Two hacker groups were paid to develop malware targeting victims in the US, Europe, and Asia, as well as various Chinese dissident groups.
FBI Wraps Up Eradication Effort of Chinese ‘PlugX’ Malware
Two hacker groups were paid to develop malware targeting victims in the US, Europe, and Asia, as well as various Chinese dissident groups.