GADOLINIUM threat actors use cloud services and open source tools in cyberattacks
Security experts from Microsoft have observed a cyber threat actor dubbed GADOLINIUM that uses new attack techniques via cloud services and open source tools.
Security experts from Microsoft have observed a cyber threat actor dubbed GADOLINIUM that uses new attack techniques via cloud services and open source tools.
Cybersecurity criminals are continuing to change threat tactics by leveraging more fileless malware and duel-use tools to attack organizations.
Chinese Ministry of State Security (MSS)-affiliated cyber threat actors are targeting U.S. government agencies, as well as exploiting four popular vulnerabilities over the past 12 months.
Security firm Bitdefender published its mid-year Threat Landscape Report 2020 that reveals how cybersecurity threats and malware play on the pandemic theme.
North Korea’s BeagleBoyz cybercriminals have launched an automated teller machine (ATM) cash-out scheme, known as FASTCash 2.0. Cyber experts from the U.S. government have detected the cyber activity over the past five years that led to nearly $2B loss to financial institutions around the world.
The Homeland Security Systems Engineering and Development Institute (HSSEDI), has released the 2020 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list.
Security experts from Check Point Research have observed a sharp increase in Emotet botnet activity used to spread spam campaigns and steal banking credentials.
The Federal Trade Commission (FTC) has released a new video to help keep your small business safe from fraud. This is another video in a series of videos from the FTC Protecting Small Businesses playlist.
U.S. government cybersecurity experts are providing guidance on the “top 10” most commonly exploited vulnerabilites. The alert helps highlight the importance of patching and prioritizing vulnerabilities with known exploits.
Microsoft has released new Zero Trust guidance for Azure Active Directory (Azure AD). The guidance is part of a broader “Zero Trust Security Strategy” to help organizations provide more secure access to corporate resources.