Month: May 2024

Microsoft announced that Windows users can now log into their Microsoft consumer accounts using a passkey, allowing users to authenticate using password-less methods such as Windows Hello, FIDO2 security keys, biometric data (facial scans or fingerprints), or device PINs. Microsoft “consumer accounts” refer to personal accounts for accessing Microsoft services and products such as Windows,…


“I’ve been trying to take everything that’s been negative about this and … turn it into some sort of positive,” Robert Cioffi said in an interview. Robert Cioffi, chief technology officer and co-founder of Progressive Computing, one of the MSPs hit in the 2021 Kaseya ransomware attack, traveled about 1,500 miles from his home in…


May 03, 2024NewsroomCloud Security / Threat Intelligence Threat actors have been increasingly weaponizing Microsoft Graph API for malicious purposes with the aim of evading detection. This is done to “facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services,” the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The…


May 03, 2024The Hacker NewsLive Webinar / Server Security In today’s rapidly evolving digital landscape, the threat of Distributed Denial of Service (DDoS) attacks looms more significant than ever. As these cyber threats grow in sophistication, understanding and countering them becomes crucial for any business seeking to protect its online presence. To address this urgent…


Verizon’s DBIR found that hackers are having a field day exploiting vulnerabilities to gain initial access. Plus, a CISA program is helping critical infrastructure organizations prevent ransomware attacks. In addition, check out what Tenable’s got planned for RSA Conference 2024. And get the latest on the Change Healthcare breach. And much more! Dive into six…


The advisory noted that despite approaches to avoid directory traversal vulnerabilities being readily available, their exploitation by threat actors is still on the rise, especially to impact critical services including hospital and school operations. The prevalence of such vulnerabilities is apparent through CISA’s current listing of 58 path traversal vulnerabilities in its known exploited vulnerabilities…


In December on the heels of its SFI announcement, Microsoft appointed Tsyganskiy, a relative newcomer to the company, to replace former and longtime CISO Bret Arsenault, who transitioned to an adviser position.

Ongoing security struggles

Around the same time — but unbeknownst to Microsoft until January — a Russia-based threat group Midnight Blizzard, also known…


Rare Interviews with Enigma Cryptanalyst Marian Rejewski

The Polish Embassy has posted a series of short interview segments with Marian Rejewski, the first person to crack the Enigma. Details from his biography.

Tags: cryptanalysis, Enigma, history of cryptography, war

Posted on May 3, 2024 at 7:10 AM


May 03, 2024The Hacker NewsSaaS Security / Browser Security SaaS applications are dominating the corporate landscape. Their increased use enables organizations to push the boundaries of technology and business. At the same time, these applications also pose a new security risk that security leaders need to address, since the existing security stack does not enable…


According to Mandiant’s M-Trends report for 2024, exploits were the top initial infection vector in 2023, used in 38% of attacks, followed by phishing (17%), prior compromise (15%), stolen credentials (10%), and brute force (6%) to round out the top 5.

How malware spreads

You’ve probably heard the words virus, trojan, and worm used interchangeably. In fact, the…
