According to a new analysis, DUCKTAIL, a Vietnam-based cybercrime operation discovered by WithSecure earlier this year, has continued to evolve its operations. DUCKTAIL has been using LinkedIn to target individuals and organizations using Facebook's Ads…

On behalf of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), the General Services Administration (GSA) requested information on the availability of Threat Intelligence Enterprise Services (TIES) to the…

Threat actors are stealing authentication tokens that have already been verified by multi-factor authentication (MFA) in order to compromise organizations' systems. According to a new alert from Microsoft's Detection and Response Team (DART), token theft…

A recent study of 1.6 million Microsoft 365 users across three continents discovered that 90 percent of organizations lacked essential security protections. Microsoft 365 administration was found to be difficult. CoreView experts examined the most common…

DraftKings, a sports betting company, has announced that it would refund all customers who were affected by a credential stuffing attack that resulted in losses of up to $300,000. The statement comes after DraftKings tweeted that it was looking into…

Aurora Stealer, a new Go-based malware, is increasingly being used in campaigns to steal sensitive information from compromised hosts. These infection chains use phishing pages impersonating legitimate software download pages, such as those for…

The Royal Canadian Navy's ships are becoming increasingly vulnerable to targeted cyberattacks. These can impact the safety and integrity of assets, as well as the ability of decision-makers to use them. Researchers at Concordia University have received a…

A new study published in the International Journal of Business Information Systems examines the human side of cybersecurity. Cybersecurity is typically thought to be primarily about firewalls, antivirus software, spam filters, and Distributed Denial-of-…

Google has announced the successful conclusion of a nearly year-long legal battle with the Glupteba botnet, a highly sophisticated botnet comprised of millions of compromised Windows devices. Glupteba, unlike other botnets, uses cryptocurrency…

Forrester analysts recently warned of a possible major security breach at a large enterprise in 2023 caused by business users employing low-code/no-code (LCNC). The first part of this prediction is a common industry assumption that it would be unusual to…

According to a recent report from the Government Accountability Office (GAO), the federal enforcement office that oversees more than 1,600 offshore oil and gas facilities has done little to address growing cybersecurity risks. GAO highlighted that the…

As researchers predict that quantum computers will be able to decrypt public key algorithms as early as 2030, organizations are under increasing pressure to develop quantum-resistant algorithms to protect their data from threat actors. The US Air Force…