Collaborate Disseminate
Researchers said the threat group behind the campaign is associated with ShinyHunters, an outfit that’s previously stolen data from Salesforce instances for extortion attempts.
The post Salesforce issues new security alert tied to third customer attack spree in six months appeared first on CyberScoop.
The vendor said six of the 83 vulnerabilities it addressed this month are more likely to be exploited.
The post Microsoft’s monthly Patch Tuesday is first in 6 months with no actively exploited zero-days appeared first on CyberScoop.
Attackers can exploit the defect in the widely deployed pac4j with relative ease, but researchers haven’t observed active exploitation in the wild.
The post Critical defect in Java security engine poses serious downstream security risks appeared first on CyberScoop.
Continue reading Critical defect in Java security engine poses serious downstream security risks
Attackers have turned AI into a “force multiplier” for the country’s expansive scheme to get and keep operatives hired at global companies, researchers said.
The post Microsoft warns North Korean threat groups are scaling up fake worker schemes with generative AI appeared first on CyberScoop.
The 43-year-old Russian national ran a ransomware operation that impacted more than 1,000 victims globally. The conspiracy netted more than $39 million in extortion payments.
The post Phobos ransomware leader pleads guilty, faces up to 20 years in prison appeared first on CyberScoop.
Continue reading Phobos ransomware leader pleads guilty, faces up to 20 years in prison
The vendor said it’s not aware of any active exploitation of the vulnerabilities, which could allow remote attackers to achieve root access and execute code.
The post Cisco reveals 2 max-severity defects in firewall management software appeared first on CyberScoop.
Continue reading Cisco reveals 2 max-severity defects in firewall management software
Microsoft, which led the effort, said it seized 330 domains that powered the phishing platform’s core infrastructure. The alleged creator was also named in a civil complaint.
The post Global coalition dismantles Tycoon 2FA phishing kit appeared first on CyberScoop.
Continue reading Global coalition dismantles Tycoon 2FA phishing kit
The marketplace was one of the world’s largest hubs for cybercrime with more than 142,000 members. Officials identified and arrested multiple suspects after seizing the site’s database.
The post Authorities from 14 countries shut down major cybercrime forum LeakBase appeared first on CyberScoop.
Continue reading Authorities from 14 countries shut down major cybercrime forum LeakBase
The marketplace was one of the world’s largest hubs for cybercrime with more than 142,000 members. Officials identified and arrested multiple suspects after seizing the site’s database.
The post Authorities from 14 countries shut down major cybercrime forum LeakBase appeared first on CyberScoop.
Continue reading Authorities from 14 countries shut down major cybercrime forum LeakBase
Blind spots in complex cloud environments allow identity-based attacks to achieve the same outcome as complex malware or zero-day exploits. Sophistication need not apply.
The post Attackers are using your network against you, according to Cloudflare appeared first on CyberScoop.
Continue reading Attackers are using your network against you, according to Cloudflare