A French security researcher GILLES Lionel, aka Topotam, disclosed a new technique called ‘PetitPotam’ that performs an NTLM relay attack that does not rely on the MS-RPRN API but instead uses the EfsRpcOpenFileRaw function of the MS-EFSRPC API.

Security researchers have published details about the method used by a strain of macOS malware to steal login information from multiple apps, enabling its operators to steal accounts.

Financial cybercrime gang FIN7 has resurged after the jailing of some members, launching a campaign that uses as a lure a legal complaint involving the liquor company that owns Jack Daniels whiskey.

In a new release from Gartner, researchers have estimated that cyberattackers will have weaponised operational technology (OT) environments to successfully harm or kill humans by the year 2025.

A Vade report revealed that there has been a major jump in phishing attacks since the start of the year with a 281 percent spike in May and another 284 percent increase in June.

The U.S. House of Representatives this week passed several cybersecurity bills, including ones related to critical infrastructure, ICS, and grants for state and local governments.

MITRE releases a list of its top 25 most dangerous software weaknesses, detailing the most common vulnerabilities which can give cybercriminals access to machines to steal data or cause crashes.

Cybercriminals try to take advantage of the Tokyo Olympics and researchers and security agencies are already warning of the possible cyberattacks on the event. It appears to be challenging for Tokyo to stay protected from expected attacks. Defenses need to be amped up to the tee.

Twitter has revealed in its latest transparency report that only 2.3% of all active accounts have enabled at least one method of two-factor authentication (2FA) between July and December 2020.

Analysts with cybersecurity company Intezer have found that cybercriminals are now going after a new attack vector against Kubernetes clusters via misconfigured Argo Workflows instances.