Scope, Scale of Spurious North Korean IT Workers Emerges
Microsoft warns thousands of North Korean workers have infiltrated tech, manufacturing, and transportation sectors to steal money and data.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Microsoft warns thousands of North Korean workers have infiltrated tech, manufacturing, and transportation sectors to steal money and data.
A threat actor has gained access to Microsoft 365 environments of a small number of customers of Commvault's Metallic service.
The sneaky malware packs capabilities for system reconnaissance as well as credential and cryptocurrency theft.
Microsoft is warning the modular and potentially wormable Apple-focused infostealer boasts new capabilities for obfuscation, persistence, and infection, and could lead to a supply chain attack.
Microsoft warns that ransomware group Storm-0501 has shifted from buying initial access to leveraging weak credentials to gain on-premises access before moving laterally to the cloud.
As enterprises in the world embrace Microsoft's AI assistant, researcher Michael Bargury warns its security is lacking. Check out his News Desk interview during Black Hat USA.
The group's use of malware that forces Windows computers to reboot into Safe Mode before encrypting files is noteworthy, advisory says.
The cyber espionage group has created a stealthy, hard-to-mitigate network of persistent access across a range of organizations, but the endgame is unclear.
The attack surface of a live event like this summer’s World Cup in Australia and New Zealand rivals that of a large multinational enterprise, or even a small city.
DDoS cyberattack campaigns from the pro-Russian group have spiked significantly.
An unpatched Microsoft Web server allowed multiple cybersecurity threat groups to steal data from a federal civilian executive branch.
The latest bypass for Apple's application-safety feature could allow malicious takeover of Macs.
Microsoft warns enterprises should pay attention to a new botnet used to launch DDoS attacks on private Minecraft Java servers.
Microsoft warns that the Kremlin is ramping up cyberattacks against infrastructure and supply chains and starting disinformation campaigns as Russian troops lose on the battlefield.
Analysts see an uptick in token theft from authenticated users, allowing threat actors to bypass MFA protections.
The software giant also recorded an increase in attacks on IT services companies as state-backed threat actors have adapted to better enterprise defenses and cast a wider net, Microsoft says.
Microsoft and VMware are warning that the malware, which first surfaced as a browser-hijacking credential stealer, is now being used to drop ransomware, steal data, and crash systems at enterprises.
A security vulnerability (CVE-2022-28799) in one of TikTok for Android's deeplinks could affect billions of users, Microsoft warns.
The Russia-backed Nobelium APT has pioneered a post-exploitation tool allowing attackers to authenticate as any user.
Dark Reading's digest of the other don't-miss stories of the week, including YouTube account takeovers and a sad commentary on cyber-pro hopelessness.