Hot Topics

Social Engineering

Social Engineering

Satya Nadella and President Xi Jinping

‘China’ Azure Breach: MUCH Worse Than Microsoft Said

| | Active Directory, Authentication, azure, Azure Active Directory, Azure AD, Entra ID, Exchange, Microsoft, Microsoft Azure, Microsoft Azure Active Directory, Microsoft Azure Security, OpenID, Outlook.com, SB Blogwatch, Storm-0558, Wiz
Storm-0558 Breaks: Satya and Pooh, sitting in a tree, K.I.S.S.I.N.G ...
Security Boulevard
GitHub satellite cyberattack Strontium cyberwarfare counter-drone The Legality of Waging War in Cyberspace

GitHub Developers Targeted by North Korea’s Lazarus Group

| | Cybersecurity, GitHub, Lazarus Group, npm, supply chain
The Lazarus Group is behind a social engineering campaign that uses repository invitations and malicious npm packages to target developers on GitHub ...
Security Boulevard
Kevin Mitnick

R.I.P. Kevin Mitnick, 1963–2023

| | Kevin Mitnick, SB Blogwatch
Kevin is Free: Hackers’ hacker dies, aged 59 ...
Security Boulevard
QR codes ransomware, attacks, RaaS, SlashNext ransomware phishing attack

The Rise of QR Codes Spurs Rise in ‘Fresh Phish’

| | email security, INKY, Malware, Phishing, QR Codes
Miscreants have ramped up their use of QR codes to phish for credentials, according to INKY threat researchers ...
Security Boulevard
Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List

Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List

| | android spyware, Biden administration, Commerce Department, Cytrox, Department of Commerce, Entity List, eu, Europe, European Union, European Union (EU), Intellexa, iOS spyware, Malware Spyware, Predator spyware, SB Blogwatch, spyware
European cousins Intellexa and Cytrox essentially banned by Commerce Dept. — Predator/ALIEN not welcome in U.S ...
Security Boulevard
Microsoft ransomware AWS Spring4Shell flaws vulnerabilities WhiteSource Python

CISA to Gov’t Agencies: Mitigate a Flaw in Windows and Office

| | cisa, Cybersecurity, Microsoft, NATO, RomCom
The U.S. government is giving federal agencies three weeks to mitigate a zero-day Microsoft Windows and Office security flaw exploited by the Russian-linked RomCom threat group ...
Security Boulevard
email cyber, resilience, Dell Lacework Adds Time Series Modeling to Cybersecurity Platform

A Look at the Email Threat Landscape in Q1 2023

| | email security, malspam, Malware, social engineering, Spam, VIPRE
VIPRE's Email Threat Trends Report for Q1 2023 analyzed 1.8 billion emails to provide a comprehensive understanding of contemporary email threats ...
Security Boulevard
GPT OpenSSF AI ML Darktrace Concentric supply chain Palo Alto AI partnership ai

The Two Faces of AI in Identity Management

| | AI, ChatGPT, deepfake, identity, identity and access management, rsa
The advent of AI made identity the most-targeted part of the attack surface. But without AI, identity is a sitting duck ...
Security Boulevard
OPSEC FAIL: US Military Email Going to Mali — via Typo

OPSEC FAIL: US Military Email Going to Mali — via Typo

| | defense department, Department of Defense, DoD, E-mail, email, Johannes Zuurbier, Mali, military, Military Communications, mxrecords, pentagon, Russia, SB Blogwatch, U.S. Department of Defense, U.S. military, United States Department of Defense, US DOD, US Military
MX Mixup: Russian-allied government can intercept “highly sensitive information”—because there’s no “I” in .ML ...
Security Boulevard
SlashNext BEC phishing

SlashNext Report Shows How Cybercriminals Use Generative AI

| | business email compromise, generative AI, Malware, Phishing, SlashNext
A SlashNext report detailed how cybercriminals use generative AI capabilities to launch phishing and BEC attacks in greater volume ...
Security Boulevard
Load more