The scheme involved phishing pages to trick users into connecting their wallets with the attackers’ infrastructure, resulting in over $87 million in illicit profits from more than 137,000 victims.

OAuth attacks are on the rise, and organizations must implement strong access controls, fortify identity security for user accounts, and monitor third-party app activity to prevent unauthorized access to SaaS resources.

A cloud services firm returned patient data stolen in a ransomware attack by the LockBit gang to a New York hospital alliance. The hospitals had sued LockBit as a legal maneuver to force the storage firm to return the data.

The evolution of phishing techniques, including the use of advanced AI-driven tools, has led to a surge in highly personalized and convincing phishing attacks, posing a significant challenge to traditional email security solutions.

The National Defense Industrial Strategy focuses on resilient supply chains, workforce readiness, flexible acquisitions, and economic deterrence to improve defense industrial ecosystem.

The Russia-affiliated hacktivist group, Anonymous Sudan, claimed responsibility for a cyberattack on the London Internet Exchange (LINX) as a response to Britain’s support for Israel and airstrikes on Yemen.

The threat actor ‘wangfei19860902055’ advertised the sale of a database related to Government Employees Insurance Company (GEICO) on the dark web, containing 552,900 records with personal information. GEICO has not officially confirmed the breach.

Attackers can exploit these vulnerabilities to force affected firewalls into maintenance mode, impacting their standard functionality and VPN access to corporate networks.

Tsurugi Linux offers a user-friendly interface with a logical sequence of forensic analysis tools, including support for live forensics, post-mortem analysis, digital evidence acquisition, malware analysis, OSINT, and computer vision activities.

The vulnerability was addressed through updates on November 22, 2023, after responsible disclosure, and was related to a long-forgotten version of the My Flow landing page.