Identity Attacks Overtake Exploits as Top Ransomware Cause
Email attacks overtook exploits as the top ransomware root cause last year. Multifactor authentication (MFA) was deployed in 97% of credential-based attacks but failed to prevent compromise.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Email attacks overtook exploits as the top ransomware root cause last year. Multifactor authentication (MFA) was deployed in 97% of credential-based attacks but failed to prevent compromise.
Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the technology has been put to use in the wild in a malicious context for vulnerability discovery and exploit generation
Here's where you ought to spend your security billable hours budget this year Strengthen your MFA policies, double-down on anti-phishing training, and for Jobs' sake, patch all your vulns right away. The past year of intelligence collected by Cisco's Talos threat hunters suggests that attackers are moving faster to exploit vulns, and fooling more staff than ever into giving up their credentials. …
The proof-of-concept exploit allows an attacker to steal sensitive data from Gmail, Google Accounts, Google Authenticator, Google Maps, Signal, and Venmo.
Bypassing MFA and deploying ransomware…sounds like something that rhymes with 'schmero-day' SonicWall on Monday confirmed that it's investigating a rash of ransomware activity targeting its firewall devices, following multiple reports of a zero-day bug under active exploit in its VPNs.…
PoisonSeed Threat Actor Uses Cross-Device Login Feature and QR Code to Trick UsersExpel researchers have found a novel adversary-in-the-middle phishing technique used by PoisonSeed, a cybercrime group previously tied to large-scale cryptocurrency thefts, to sidestep one of the most secure forms of multifactor authentication - FIDO2 physical keys.
MFA Authenticator apps aren't cutting it anymore. Attackers are bypassing legacy MFA with fake sites and real-time phishing. Token Ring and BioStick stop them cold—with fingerprint-bound hardware. Learn more from Token. [...]
Identity is the new battleground—and Scattered Spider exploits it. Join Push Security to unpack how identity-based attacks are reshaping the threat landscape, and how to defend against MFA bypass, help desk scams, and more. Watch the webinar now. [...]
Threat actors with suspected ties to Russia have been observed taking advantage of a Google account feature called application specific passwords (or app passwords) as part of a novel social engineering tactic designed to gain access to victims' emails
Trellix's John Fokker Advises CISOs to Prioritize Patching, MFA, Network VisibilityThreat actors aren't rushing to adopt AI tools to exploit vulnerabilities. "They still prefer a victim with weak passwords, bad MFA, bad patching. It is the easiest way to make money for criminals so they don't have to invest in AI," said John Fokker, head of threat intelligence at Trellix.
The massive phishing campaign does not exploit a vulnerability in MFA. Instead, it spoofs an Office 365 authentication page to steal credentials.
FBI and CISA warn of attack on multifactor authentication account to exploit "PrintNightmare" exploit.