Flux RSS

Publicly accusing an entity of a cyberattack could have negative consequences that organizations should consider before taking the plunge.

A series of campaigns that began in August aim to defraud job candidates, using psychological tactics and data scraped from LinkedIn profiles.

TeamPCP is the likely cyber threat actor behind attacks on Trivy, Checkmarx's KICS and VS Code plug-ins, and the LiteLLM AI library — and all signs point to more attacks to come.

CISA and the Federal Bureau of Investigation released a Public Service Announcement (PSA) warning about ongoing phishing campaigns by cyber actors associated with the Russian Intelligence Services targeting commercial messaging applications (CMAs). These campaigns aim to bypass encryption to compromise to individual user accounts with targets including current and former U.S. government officials, military personnel, political figures, and journalists. Evidence shows that cyber actors have been able to compromise individual CMA accounts, but not encryption of the applications themselves. The actors’ global campaigns have resulted in unauthorized access to thousands of individual CMA accounts to view the victims’ messages and contact lists, send messages, and conduct additional phishing against other CMA accounts. CISA and FBI urge CMA users to review the PSA, follow recommended cybersecurity practices, and remain vigilant for suspicious activity.

Major providers are testing a quantum-safe version of HTTPS that shrinks certificates to one-tenth their previous size, decreasing latency and adding transparency.

The suspected India-linked threat group targets governments, telecom, and critical infrastructure using spear-phishing, old vulnerabilities, and rapidly rotating infrastructure to maintain persistent access.

In an unsuccessful phishing attack, threat actors leveraged trusted brands and domains to try to redirect a C-suite executive at Outpost24 to give up his credentials.

A social engineering campaign impersonating PayPal and Amazon uses customer support interactions to acquire sensitive info.