ICYMI: A Microsoft Warning, Follina, Atlassian, and More
Dark Reading’s digest of the other don’t-miss stories of the week, including YouTube account takeovers and a sad commentary on cyber-pro hopelessness.
Want to know more about this topic or about us? Contact us!
Dark Reading’s digest of the other don’t-miss stories of the week, including YouTube account takeovers and a sad commentary on cyber-pro hopelessness.
The crooks hit us up with this phishing email less than half an hour after they activated their new scam domain.
OpenSea warns users that they are likely to be targeted in phishing attacks after a vendor employee accessed and downloaded its email list.
Even as more attacks target humans, lack of dedicated staff, relevant skills, and time are making it harder to develop a security-aware and engaged workforce, SANS says.
The latest evolution in social engineering could put fraudsters in a position to commit insider threats.
The “Missing Cryptoqueen” makes the American Top Ten… but not in a good way.
The hacktivist group is ramping up its activities and ready to assault governments and businesses with escalating capabilities.
Google on Thursday announced a slew of improvements to its password manager service aimed at creating a more consistent look and feel across different platforms. Central to the changes is a “simplified and unified management experience that’s the same in Chrome and Android settings,” Ali Sarraf, Google Chrome product manager, said in a blog . . . Read more
Microsoft has detailed the evolving capabilities of toll fraud malware apps on Android, pointing out its “complex multi-step attack flow” and an improved mechanism to evade security analysis. Toll fraud belongs to a category of billing fraud wherein malicious mobile applications come with hidden subscription fees, roping in unsuspecting users . . . Read more
With more staff working remotely, identity, authentication, and access (IAA) has never been more important. Microsoft has a new response.