A Microsoft Azure cloud computing customer in Asia was a victim of a massive 3.47 Tbps DDoS attack (distributed denial of service attack) in November 2021, the software and technology giant Microsoft revealed.
Finland’s National Cyber Security Centre (NCSC-FI) warns of an ongoing phishing campaign attempting to hijack Facebook accounts by impersonating victims’ friends in Facebook Messenger chats.
The FBI this week issued a private industry notification to warn organizations about the malicious activities conducted by an Iranian cyber company named Emennet Pasargad.
The White House, EPA, and CISA are rolling out a 100-day plan to improve the cybersecurity of the country’s water systems, which faced a variety of attacks over the last year.
The CISA has added 17 new flaws in the Known Exploited Vulnerabilities catalog, nine of which have a remediation date of February 1, and four of them have a remediation date of July 18. The newly added flaws exist in multiple products, including Struts 1, Serv-U, Airflow, and Nagios XI. An exploitable flaw is a weak […]
The National Cyber Security Centre (NCSC) has warned organizations in the UK to prepare for Russian state-sponsored cyberattacks amid ongoing geopolitical tensions in Ukraine.
Threat analysts have observed a new campaign named ‘OiVaVoii’, targeting company executives and managers with malicious OAuth apps and custom phishing lures sent from hijacked Office 365 accounts.
Innovators to the RaaS model focused on lowering barriers to entry (attracting new affiliates to carry out lots of attacks), and creating efficiencies on monetization to get paid better.
A new multi-phase phishing campaign first enrolls an attacker’s BYOD device on a corporate network and then begins sending thousands of convincing phishing emails to further targets.
Tracked as CVE-2021-44228, the flaw was identified in December 2021 in the Apache Log4j logging utility, and has since been exploited in attacks by both cybercriminals and state-sponsored actors.