Verizon: Edge Bugs Soar, Ransoms Lag, SMBs Bedeviled
The cybersecurity landscape confounded expectations in 2024, as anticipated threats and risk didn’t materialize and less widely touted attack scenarios shot up.
darkreading – Read More
Thousands of Baltimore students, teachers affected by data breach following February ransomware attack
Thousands of students, teachers and administrators had information stolen from the Baltimore City Public Schools system during a ransomware attack in February.
The Record from Recorded Future News – Read More
Microsoft Purges Millions of Cloud Tenants in Wake of Storm-0558
The tech giant is boosting Entra ID and MSA security as part of the wide-ranging Secure Future Initiative (SFI) that the company launched following a Chinese APT’s breach of its Exchange Online environment in 2023.
darkreading – Read More
Fake Alpine Quest Mapping App Spotted Spying on Russian Military
Fake Alpine Quest app laced with spyware was used to target Russian military Android devices, stealing location data,…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
3 More Healthcare Orgs Hit by Ransomware Attacks
Dialysis firm DaVita, Wisconsin-based Bell Ambulance, and Alabama Ophthalmology Associates all suffered apparent or confirmed ransomware attacks this month.
darkreading – Read More
City of Abilene Goes Offline in Wake of Cyberattack
The Texas municipality is following its incident response playbook as it works with a third-party to investigate the scope and scale of the attack.
darkreading – Read More
Beware of video call links that are attempts to steal Microsoft 365 access, researchers tell NGOs
Russia-linked phishing attacks targeting NGOs with ties to Ukraine ask victims to join a video call, and result in them gaining access to Microsoft 365 accounts.
The Record from Recorded Future News – Read More
SSL.com Vulnerability Allowed Fraudulent SSL Certificates for Major Domains
An SSL.com vulnerability allowed attackers to issue valid SSL certificates for major domains by exploiting a bug in…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
Docker Malware Exploits Teneo Web3 Node to Earn Crypto via Fake Heartbeat Signals
Cybersecurity researchers have detailed a malware campaign that’s targeting Docker environments with a previously undocumented technique to mine cryptocurrency.
The activity cluster, per Darktrace and Cado Security, represents a shift from other cryptojacking campaigns that directly deploy miners like XMRig to illicitly profit off the compute resources.
This involves deploying a malware strain
The Hacker News – Read More
‘Cookie Bite’ Entra ID Attack Exposes Microsoft 365
A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications.
darkreading – Read More