In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders.
Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced adversaries, and their customers face more than 600 million cybercriminal and nation-state attacks every day, ranging from ransomware to phishing to identity attacks.
Read more…
Source: Microsoft
Related:
- The Rug Pull: A Million-Dollar Scam With A Fake Token Factory
November 21, 2023
In the dynamic realm of cryptocurrency, recent events have highlighted the ever-present threat of Rug Pulls—deceptive maneuvers that leave investors empty-handed. Threat Intel Blockchain system, developed by Check Point, recently sounded the alarm on a sophisticated scheme that managed to pilfer nearly $1 million. Let’s delve into the details of this elaborate crypto con and understand ...
- How to stop fake System notifications on macOS
November 21, 2023
Scammers are abusing an Apple feature that allows websites to create push notifications that look like they’re coming from macOS, or apps. The notifications try to scare users into clicking a link with fake virus alerts or messages saying their account has been hacked. Years ago Malwarebytes Labs warned our readers about the introduction of browser ...
- British Library Employee data leaked in cyber attack
November 21, 2023
The British Library has confirmed that a cyber attack in October has led to a leak of employee data. The attack, which took place on 31 October, has also resulted in the library’s website being down for almost a month. The Rhysida ransomware group claim to be behind the attack, and say they will auction off ...
- Hacking Employers and Seeking Employment: Two Job-Related Campaigns Bear Hallmarks of North Korean Threat Actors
November 21, 2023
Unit 42 researchers recently discovered two separate campaigns targeting job-seeking activities linked to state-sponsored threat actors associated with the Democratic People’s Republic of Korea (DPRK), commonly known as North Korea. The research team call the first campaign “Contagious Interview,” where threat actors pose as employers (often anonymously or with vague identities) to lure software developers into ...
- U.S. DOD strategy warns emerging tech is ‘at the forefront’ of information threats
November 21, 2023
The Pentagon publicly released its strategy for operating in the information environment – which covers both physical and digital sources of information – on Friday, outlining how the agency plans to modernize its collecting, processing and sharing of data to better counteract adversaries’ weaponization of the internet and emerging technologies. DOD “must embrace a cultural shift ...
- SysAid path traversal vulnerability
November 21, 2023
SonicWall Capture Labs Threat Research Team became aware of the SysAid path traversal vulnerability, assessed its impact and developed mitigation measures for the vulnerability. On November 8, 2023, SysAid, an IT service management company, disclosed CVE-2023-47426, which is a zero-day path traversal vulnerability carrying a CVSS 9.8 score and affecting on-premise SysAid servers running version < ...