The sale of digital art through NFTs has become such a hot trend that scammers have taken notice and are attempting to lure current and prospective traders onto NFT-themed phishing and fraud websites.
Nation-state APTs are actively exploiting known vulnerabilities in the Fortinet FortiOS cybersecurity OS to gain initial access to multiple government, commercial, and technology services.
The researchers from Computest demonstrated a three-bug attack chain against Zoom that caused remote code execution on a target machine, and all without any form of user interaction.
The country where emails originate and the number of countries they are routed through on the way to their final destination offer important warning signs of phishing attacks.
The group behind the Maze and Egregor ransomware operations are believed to have earned at least $75 million worth of Bitcoin from ransom payments following intrusions at companies all over the world.
Saint Bot, a previously undocumented malware downloader has been spotted in the wild since January 2021 in phishing attacks to deploy credential stealers and other malicious payloads.
Microsoft has released an open-source cyberattack simulator that allows security researchers and data scientists to create simulated network environments and see how they fare against AI-controlled cyber agents.
A recent phishing campaign used a clever trick to deliver the fraudulent web page that collects Microsoft Office 365 credentials by building it from chunks of HTML code stored locally and remotely.
Proofpoint’s recent research indicates that 98% of nearly 3,000 monitored organizations across the U.S., UK, and Australia, received a threat from a supplier domain over a 7-day window in February.
ESET researchers have discovered a previously undocumented Lazarus malware backdoor used to attack a freight logistics company in South Africa, which they have dubbed Vyveva.