Microsoft now allows more enterprise users to restore their personal settings and Microsoft Store apps from a previous Windows 11 device. […] Source: https://www.bleepingcomputer.com/news/security/microsoft-expands-windows-restore-to-more-enterprise-devices/
Microsoft expands Windows restore to more enterprise devices Read More »
UncategorizedNew York Attorney General Letitia James sued video game developer and publisher Valve Corporation for using game loot boxes to facilitate illegal gambling activities among children and teenagers. […] Source: https://www.bleepingcomputer.com/news/gaming/new-york-sues-valve-for-promoting-illegal-gambling-via-game-loot-boxes/
New York sues Valve for promoting illegal gambling via game loot boxes Read More »
Uncategorized
A “coordinated developer-targeting campaign” is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish persistent access to compromised machines. “The activity aligns with a broader cluster of threats that use job-themed lures to blend into routine developer workflows and increase the likelihood of code Source:
Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware Read More »
UncategorizedA Chinese keyboard warrior inadvertently leaked information about politically motivated influence operations through a ChatGPT account. Source: https://www.darkreading.com/cyberattacks-data-breaches/chinese-police-chatgpt-smear-japan-pm-takaichi
Chinese Police Use ChatGPT to Smear Japan PM Takaichi Read More »
UncategorizedThe vulnerabilities highlight a big drawback to integrating AI into software development workflows and the potential impact on supply chains. Source: https://www.darkreading.com/application-security/flaws-claude-code-developer-machines-risk
Flaws in Claude Code Put Developers’ Machines at Risk Read More »
UncategorizedResearchers suggest defenders monitor how these malicious groups re-form and leverage the useful threat intel to guide their next moves. Source: https://www.darkreading.com/threat-intelligence/ramp-forum-seizure-fractures-ransomware-ecosystem
RAMP Forum Seizure Fractures Ransomware Ecosystem Read More »
UncategorizedThe Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, including recruiting coding tests. […] Source: https://www.bleepingcomputer.com/news/security/fake-nextjs-job-interview-tests-backdoor-developers-devices/
Fake Next.js job interview tests backdoor developer’s devices Read More »
UncategorizedLinked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent access to infected machines. Source: https://www.darkreading.com/cyberattacks-data-breaches/malicious-nextjs-repos-developers-fake-job-interviews
Malicious Next.js Repos Target Developers Via Fake Job Interviews Read More »
Uncategorized
Triage is supposed to make things simpler. In a lot of teams, it does the opposite. When you can’t reach a confident verdict early, alerts turn into repeat checks, back-and-forth, and “just escalate it” calls. That cost doesn’t stay inside the SOC; it shows up as missed SLAs, higher cost per case, and more room
Top 5 Ways Broken Triage Increases Business Risk Instead of Reducing It Read More »
UncategorizedAttackers are bypassing email gateways through telephone-oriented attack delivery (TOAD), in which the only email payload is a phone number. Source: https://www.darkreading.com/threat-intelligence/why-call-this-number-toad-emails-beat-gateways
Why ‘Call This Number’ TOAD Emails Beat Gateways Read More »
UncategorizedMicrosoft has released the KB5077241 optional cumulative update for Windows 11, which comes with 29 changes, including improvements to BitLocker, a new network speed test tool, and native System Monitor (Sysmon) functionality. […] Source: https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5077241-update-improves-bitlocker-adds-sysmon-tool/
Windows 11 KB5077241 update improves BitLocker, adds Sysmon tool Read More »
UncategorizedA financially motivated threat group dubbed “Diesel Vortex” is stealing credentials from freight and logistics operators in the U.S. and Europe in phishing attacks using 52 domains. […] Source: https://www.bleepingcomputer.com/news/security/phishing-campaign-targets-freight-and-logistics-orgs-in-the-us-europe/
Phishing campaign targets freight and logistics orgs in the US, Europe Read More »
UncategorizedThe North Korean threat group also leveraged Comebacker backdoor, Blindingcan RAT, and info stealer Infohook in its recent attacks. Source: https://www.darkreading.com/cyberattacks-data-breaches/lazarus-group-new-position-medusa-ransomware
Lazarus Group Picks a New Poison: Medusa Ransomware Read More »
UncategorizedMicrosoft is expanding data loss prevention (DLP) controls to block the Microsoft 365 Copilot AI assistant from processing confidential Word, Excel, and PowerPoint documents, regardless of their location. […] Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-adds-copilot-data-controls-to-all-storage-locations/
Microsoft adds Copilot data controls to all storage locations Read More »
Uncategorized
A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat actor’s targeting beyond Ukraine and into entities supporting the war-torn nation. The activity, which targeted an unnamed entity involved in regional
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware Read More »
UncategorizedThe UK Information Commissioner’s Office (ICO) has fined Reddit £14.47 million (over $19.5 million) for collecting and using the personal information of children under 13 without adequate safeguards. […] Source: https://www.bleepingcomputer.com/news/security/uk-fines-reddit-19-million-for-using-childrens-data-unlawfully/
UK fines Reddit $19 million for using children’s data unlawfully Read More »
UncategorizedSolarWinds has patched four critical Serv-U remote code execution vulnerabilities that could grant attackers root access to unpatched servers. […] Source: https://www.bleepingcomputer.com/news/security/critical-solarwinds-serv-u-flaws-offer-root-access-to-servers/
Critical SolarWinds Serv-U flaws offer root access to servers Read More »
UncategorizedAI systems have to be able to show a record of what happened and how. Source: https://www.darkreading.com/cyber-risk/more-dashboards-ai-decisions-provable
More Than Dashboards: AI Decisions Must Be Provable Read More »
Uncategorized
The North Korea-linked Lazarus Group (aka Diamond Sleet and Pompilus) has been observed using Medusa ransomware in an attack targeting an unnamed entity in the Middle East, according to a new report by the Symantec and Carbon Black Threat Hunter Team. Broadcom’s threat intelligence division said it also identified the same threat actors mounting an
Lazarus Group Uses Medusa Ransomware in Middle East and U.S. Healthcare Attacks Read More »
Uncategorized
Most identity programs still prioritize work the way they prioritize IT tickets: by volume, loudness, or “what failed a control check.” That approach breaks the moment your environment stops being mostly-human and mostly-onboarded. In modern enterprises, identity risk is created by a compound of factors: control posture, hygiene, business context, and intent. Any one of
Identity Prioritization isn’t a Backlog Problem – It’s a Risk Math Problem Read More »
Uncategorized