MFA Fatigue: Hackers’ new favorite tactic in high-profile breaches

Hackers are more frequently using social engineering attacks to gain access to corporate credentials and breach large networks. One component of these attacks that is becoming more popular with the rise of multi-factor authentication is a technique called MFA Fatigue. Read More …

Uber security breach ‘looks bad’, potentially compromising all systems

Uber reportedly has suffered another massive security incident, which is likely more extensive than its 2016 data breach and potentially may have compromised its entire network. It also can result in access logs being deleted or altered. A hacker on Read More …

Potential hack for some Boeing planes fixed

A digital vulnerability in the computer systems used on some Boeing Co aircraft that could have allowed malicious hackers to modify data and cause pilots to make dangerous miscalculations has been fixed, security researchers said on Friday. Older versions of Read More …

MBDA is refuting the alleged ‘hacking’ of the company’s information systems

MBDA is refuting the alleged ‘hacking’ of the company’s information systems, and has filed a report with police of an attempt to blackmail the company. MBDA is the subject of a blackmail attempt by a criminal group that falsely claims Read More …

Russian Hackers Target U.S. HIMARS Maker in ‘New Type of Attack’

ussian hackers have launched “a new type of attack” on American military company Lockheed Martin, the maker of the M142 High Mobility Artillery Rocket System (HIMARS), the weapon the hackers believe is responsible for thousands of deaths in Ukraine, according Read More …

Attackers Move Quickly to Exploit High-Profile Zero Days: Insights From the 2022 Unit 42 Incident Response Report

Software vulnerabilities remain a key avenue of initial access for attackers according to the 2022 Unit 42 Incident Response Report. While this underscores the need for organizations to operate with a well-defined patch management strategy, we’ve observed that attackers are Read More …

Analyzing Penetration-Testing Tools That Threat Actors Use to Breach Systems and Steal Data

The use of legitimate Windows tools as part of malicious actors’ malware arsenal has become a common observation in cyber incursions in recent years. We’ve discussed such use in a previous article where PsExec, Windows Management Instrumentation (WMI), simple batch Read More …

Hackers pose as journalists to breach news media org’s networks

Researchers following the activities of advanced persistent (APT) threat groups originating from China, North Korea, Iran, and Turkey say that journalists and media organizations have remained a constant target for state-aligned actors. The adversaries are either masquerading or attacking these Read More …