The fraudsters ran their campaigns from the cloud and used phishing attacks and email forwarding rules to steal financial information. Microsoft has shut down a sprawling Business Email Compromise (BEC) operation that had its infrastructure hosted in several web services. Using these cloud-based assets, the threat actors infiltrated hundreds of mailboxes across multiple organizations and … More Microsoft takes down large‑scale BEC operation
Looking to set off on the right foot with endpoint detection and response? Prioritize visibility into your systems. For organizations considering adoption of an endpoint detection and response (EDR) solution, MITRE Engenuity’s most recent ATT&CK® Evaluation provides a singular glimpse into how a prospective EDR tool stands in the face of sophisticated threats. The work of … More Endpoint detection and response: The path to security maturity starts with visibility
How do vishing scams work, how do they impact businesses and individuals, and how can you protect yourself, your family and your business? We’ve all heard of phishing, the tried-and-tested email scam that spoofs authoritative sources to trick recipients into handing over sensitive information or downloading malware. Well, vishing is its voice call equivalent. It’s … More Vishing: What is it and how do I avoid getting scammed?
Should we expect cybercriminals to ditch the pseudonymous cryptocurrency for other forms of payment that may be better at throwing law enforcement off the scent? Earlier this week, the Department of Justice announced it seized around $2.3 million worth of bitcoin (BTC 63.7) collected in the BTC 75 payment for Colonial Pipeline ransomware. Does this mean Bitcoin … More Tracking ransomware cryptocurrency payments: What now for Bitcoin?
The latest Chrome update patches a bumper crop of security flaws across the browser’s desktop versions. Google has rolled out an update for its Chrome web browser to fix a bunch of security flaws, including a zero-day vulnerability that is known to be actively exploited by threat actors. The bugs affect the Windows, macOS, and … More Google fixes actively exploited Chrome zero‑day