China Uses Dual-Method Cyberattack on Czech Orgs
China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.
While Ukraine remains Russia's major target for cyberattacks, TAG-110 is part of a strategy to preserve "a post-Soviet sphere of influence" by embedding itself in other countries' infrastructures.
Concerns include everything from ransomware, malware, and phishing attacks on the game's infrastructure to those targeting event sponsors and fans.
Convincing phishing emails, synthetic identities, and deepfakes all have been spotted in cyberattacks on the continent.
The Emirates see phishing emails, DDoS attacks, and ransomware, as well as port scans, regularly.
Axiad's State of Authentication Survey also found nearly half of respondents think phishing is the most likely cyberattack, yet only 27% plan to use phishing-resistant MFA next year.
A campaign sent 120,000 phishing emails in three months, circumventing MFA to compromise cloud accounts of high-level executives at global organizations
The cyberattacks used the legitimate Salesforce.com domain by chaining the vulnerability to an abuse of Facebook's Web games platform, slipping past email protections.
Cyberattacks against organizations in some African nations increased significantly in 2022, despite a major expansion in cybersecurity hiring to support cloud and digital migration.
Perception Point's 2023 Annual Report: Cybersecurity Trends & Insights' analyzes the most prevalent cyberattack trends amidst today's complex threat landscape, identifying an overall increase of 87% in the total number of attacks over the course of last year.
In next-gen, credential-harvesting attacks, phishing emails use cloud services and are free from the typical bad grammar or typos they've traditionally used (and which users have learned to flag).
UK sportswear retailer asks exposed customers to stay "vigilant" against phishing attempts following cyberattack.
Current defenses are able to protect against today's AI-enhanced cybersecurity threats, but that won't be the case for long as these attacks become more effective and sophisticated.
Threat actors can take over victims' cloud accounts to steal data, or use them for command-and-control for phishing attacks, denial of service, or other cyberattacks.
Luna Moth is relying solely on call-back phishing, as well as legitimate tools, to steal data and extract ransoms from victims of all stripes in an expanding cyberattack effort.
An attack campaign using phishing attacks gives threat actors access to internal Dropbox code repositories, the latest in a series of attacks targeting developers through their GitHub accounts.
A slew of Microsoft Exchange vulnerabilities (including ProxyLogon) fueled a surge in attacks targeting software flaws in 2021, but the trend has continued this year.
The peer-to-peer network IPFS offers an ingenious base for cyberattacks and is seeing a stratospheric increase in malicious hosting.
External attacks focused on vulnerabilities are still the most common ways that companies are successfully attacked, according to incident data.