Hackers affiliated with the Russian government have reportedly accessed emails from at least one company in the private sector and accessed Microsoft cloud customers’ information through a third party.
Internet domain company GoDaddy used a holiday bonus notification to test employees on email phishing scams, after workers had already been told they would not receive a bonus this year.
Microsoft identified a reseller’s Microsoft Azure account used for managing CrowdStrike’s Microsoft Office licenses making abnormal calls to Microsoft cloud APIs during a 17-hour period several months ago.
The vulnerability allows hackers to mount so-called “cross-layer” attacks against the Linux kernel and cause further damage by exploiting a weakness in its pseudo-random number generator (PRNG).
Sabre Corp. will make a $2.4 million payout and shore up its cybersecurity policies under an agreement with 27 state attorneys general who investigated a breach of its hotel-booking technology.
HelpSystems, a Minneapolis, Minnesota-based software company, announced on Wednesday that it has acquired cloud-based data protection solution provider Vera for an undisclosed amount.
The schemes to defraud people have gone to such an extent that threat actors were found running scams by impersonating biotechnology companies involved in the development of COVID-19 vaccines.
The phishing attack impersonating the U.S. Postal Service sought to get victims to give up their credit card credentials and pay a special delivery fee within three days to ensure package delivered.
The issue, which advanced hackers exploited as a zero-day in May, is still exploitable but by a different method as security researchers demonstrate with publicly available proof-of-concept code.
The CISA said on Wednesday that a sprawling cyber espionage campaign made public earlier this month is affecting state and local governments, although it released few additional details.