A QR code phishing campaign exploits Microsoft Sway to distribute URLs to credential-stealing websites that also collect multi-factor authentication codes and session cookies.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
A cyber attack has struck Seattle-Tacoma International Airport, affecting international and some domestic airlines and maritime facilities, causing potential delays and baggage problems.
The FBI's data handling practices were sharply criticized during a recent DOJ audit, with the OIG noting that the agency is failing to adequately control its storage media and that its disposal methods are potentially exposing sensitive and classified information.
An apparent cyber attack bearing the hallmarks of a ransomware incident has disrupted operations at oil service giant Halliburton’s Houston campus location and some global networks.
The FAA has proposed new cybersecurity rules for airworthiness certification to protect aircraft from hostile intentional unauthorized electronic interactions.
Toyota has confirmed a third-party data breach that leaked 240 GB of sensitive information on the dark web, but says the cybersecurity incident was grossly misrepresented.
An access control misconfiguration on Oracle NetSuite ecommerce sites exposes customer data to unauthorized access, with many businesses unaware of deployed default instances.
Despite receiving a raucous round of applause upon its adoption, the UN cybercrime convention's new treaty seems to thus far have displeased most of the entire spectrum of private interests.
Individuals have been getting notifications of their information being leaked to the dark web since the National Public data breach was announced. But the splashy claims about "every Social Security number" being exposed do not appear to be holding up.
The FBI and its European partner law enforcement agencies have dismantled the cybercrime infrastructure of the Radar/Dispossessor ransomware group, a LockBit knockoff.










