The best travel VPNs of 2024: Expert tested and reviewed
ZDNET tested the best travel VPNs that offer privacy and security for your laptop or phone while you’re on the road or working abroad.
Latest stories for ZDNET in Security – Read More
Russian Hackers Stole Microsoft Corporate Emails in Month-Long Breach
The breach was facilitated by a password spray attack on a non-production test tenant account lacking two-factor authentication, highlighting the importance of robust account security measures.
Cyware News – Latest Cyber News – Read More
Payoneer Accounts in Argentina Hacked in 2FA Bypass Attacks
Suspicions have been raised about a potential data leak from mobile service providers or a breach in the SMS provider used for OTP code delivery as the possible cause of the hacks.
Cyware News – Latest Cyber News – Read More
Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware
The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as WasabiSeed and Screenshotter.
The campaign, observed earlier this month and blocked by Proofpoint on January 11, 2024, involved sending thousands of invoice-themed emails targeting North America bearing decoy PDF files.
“The PDFs
The Hacker News – Read More
Microsoft’s Top Execs’ Emails Breached in Sophisticated Russia-Linked APT Attack
Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company’s cybersecurity and legal departments.
The Windows maker attributed the attack to a Russian advanced persistent threat (APT) group it tracks as Midnight Blizzard (formerly
The Hacker News – Read More
CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products.
The development came after the vulnerabilities – an authentication bypass
The Hacker News – Read More
Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs
A Russian government-backed hacking team broke into Microsoft’s corporate network and stole emails and attachments from senior executives.
The post Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs appeared first on SecurityWeek.
SecurityWeek – Read More
CISA Issues Emergency Directive on Ivanti Zero-Days
The US government’s cybersecurity agency CISA ramps up the pressure on organizations to mitigate two exploited Ivanti VPN vulnerabilities.
The post CISA Issues Emergency Directive on Ivanti Zero-Days appeared first on SecurityWeek.
SecurityWeek – Read More
Massive Data Breach at VF Hits 35M Vans, Retail Customers
A month on from a retail conglomerate’s data breach, it’s still not clear exactly what the hackers stole, but impacted brands include Dickies, Northface, Timberland, Vans, and more.
darkreading – Read More
Ransomware Actor Uses TeamViewer to Gain Initial Access to Networks
Attackers have increasingly leveraged the widely used remote access tool, installed on hundreds of millions of endpoints, to break into victim environments.
darkreading – Read More