The Homeland Justice APT tried spying on countries and organizations from six continents, using more than 100 hijacked email accounts. ​ ​ ​Read More

With the continued success of North Korea’s IT worker scams, Asia-Pacific nations are working with private firms to blunt the scheme’s effectiveness. ​ ​ ​Read More

The notorious Russian state-sponsored hacking unit, also known as Fancy Bear, is abusing Microsoft Outlook for covert data exfiltration. ​ ​ ​Read More

Cybersecurity researchers have discovered two new malicious packages on the npm registry that make use of smart contracts for the Ethereum blockchain to carry out malicious actions on compromised systems, signaling the trend of threat actors constantly on the lookout for new ways to distribute malware and fly under the radar. “The two npm packages…

The initiative will be tailored to students and their growth in cybersecurity preparedness. ​ ​ ​Read More

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, CVE-2020-24363 (CVSS score: 8.8), concerns a case of missing authentication that could be abused to obtain ​ ​ ​Read…

Salesloft on Tuesday announced that it’s taking Drift temporarily offline “in the very near future,” as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the marketing software-as-a-service product, resulting in the mass theft of authentication tokens. “This will provide the fastest path forward to comprehensively review the application and build…

A group linked to Russian intelligence services redirected victims to fake Cloudflare verification pages and exploited Microsoft’s device code authentication flow. ​ ​ ​Read More

Vulnerable and malicious plug-ins are giving threat actors the ability to compromise WordPress sites and use them as a springboard to a variety of cyber threats and scams. ​ ​ ​Read More