Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In recent years, phishing attacks have become increasingly sophisticated and are now being conducted through various messaging platforms such as Telegram. Telegram is a popular messaging app that allows users to send messages, photos, videos, and other files over the internet. It also provides APIs that allow developers to create custom bots and applications. Unfortunately, these same APIs can be used by malicious actors to exfiltrate credentials successfully phished from attacks.

AT&T is a massive telecommunications company with its headquarters in Dallas, Texas. The company is known as the largest telecommunications company in the world according to its revenue, and it is the third-largest mobile phone service provider in the United States. The company recently suffered an attack that exposed some of its customer data to hackers and may have put customers at risk. The attack wasn't on AT&T directly but on one of the company's external marketing vendors instead.

When cybersecurity experts speak about a cyber attack, they often refer to actions taken “left of boom” and “right of boom.” In this analogy, the boom is the breach, and the actions organizations take in the aftermath, such as utilizing their incident response plan or working with their cyber insurance company on a claim, are what happens “right of boom.” But it’s the things that happen “left of boom” that can make the difference between proactive and

Every day, thousands of companies download updates to their software. With a click of a button, they can walk away and return the next morning with everything reorganized and in order. While a staple of modern life, this action is no longer completely harmless. It is now one of many attacks that bad actors use to access systems and execute supply chain attacks.

DC Health Link is part of the Affordable Care Act online marketplace of health insurance plans. The service provides health care to members of Congress as well as many staff members throughout Capitol Hill. This healthcare service was recently the victim of a cyber attack and suffered a serious data breach that exposed hundreds of politicians and Capitol Hill staff members.

In our new threat briefing report, Forescout’s Vedere Labs provides details on the recent ransomware campaign targeting VMware ESXi virtualization servers, or hypervisors, and analyzes two payloads used in these attacks: variants of the Royal and Clop ransomware. We also present the tactics, techniques and procedures (TTPs) used by attackers in this campaign, discuss mitigation recommendations and list indicators of compromise (IOCs) that can be used for detection or threat hunting.

A lot has changed since Sumo Logic last gave our two cents on how to secure Office 365. In the meantime, Office 365 has become Microsoft 365 (M365), and Sumo has continued evolving and expanding its security offering. Today’s threat actor is adept at compromising M365 accounts through various methods. Stealing credentials through phishing email campaigns and brute-force attacks has become commonplace.

The US Transportation and Security Administration (TSA) has issued new requirements for airport and aircraft operators who, they say, are facing a "persistent cybersecurity threat." The agency's new directive compels the aviation industry to improve their defences against malicious hackers and cybercriminals, just days after Preisdent Biden announced its National Cybersecurity Strategy that seeks tighter regulations to protect the United States's critical infrastructure.

Netskope Threat Labs is tracking a 17x increase in traffic to malicious web pages hosted on DigitalOcean in the last six months. This increase is attributed to new campaigns of a known tech support scam that mimics Windows Defender and tries to deceive users into believing that their computer is infected.

Acer is a well-known tech company that's based in Taiwan and with facilities and offices around the world. The company's main headquarters are in San Jose, California, in the United States. The company is known for engineering, technical manufacturing, and creating many products in the electronics industry today. The organization recently suffered a significant data attack that may have exposed company secrets, product keys, and many software images that could hurt the organization.