African Orgs Fall to Mass Microsoft SharePoint Exploits
The National Treasury of South Africa is among the half-dozen known victims in South Africa — along with other nations — of the mass compromise of on-premises Microsoft SharePoint servers.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The National Treasury of South Africa is among the half-dozen known victims in South Africa — along with other nations — of the mass compromise of on-premises Microsoft SharePoint servers.
Trend Micro uncovered a method that nation-state threat actors are using to target victims via the Windows .Ink shortcut file extension.
Using a malicious Chrome extension, researchers showed how an attacker could inject custom code into a victim's Opera browser to exploit special and powerful APIs, used by developers and typically saved for only the most trusted sites.
A tool now allows for victim files encrypted by the Black Basta cybercriminal gang to be fully or partially recoverable, depending on their size
Threat actors such as the operators of the Cl0p ransomware family increasingly exploit unknown and day-one vulnerabilities in their attacks.
Over that time, the group carried multiple tests to see if the exploit worked and to identify potential victims. It was like "turning the doorknob" to check for access, a researcher says.
Some billion-dollar organizations have already been identified as victims of the prolific ransomware group's latest exploit, amidst ongoing attacks.
Snowballing PoC exploits for CVE-2023-23397 and a massive attack surface means almost business user could be a victim.
The decentralized finance (DeFi) platform was the victim of an exploit for a partner's vulnerable code — highlighting a challenging cybersecurity environment in the sector.
APTs continue to exploit the dynamic job market and the persistent phenomenon of remote working, as explored by PwC at Black Hat USA.
Mandiant data also shows a dramatic drop in attacker dwell time on victim networks in the Asia-Pacific region — to 21 days in 2021 from 76 days in 2020.