by Charles Fleming | Jan 21, 2021 | Cybersecurity
Check Point Research and Otorio published a blog post describing the campaign, in which stolen information was dumped on compromised WordPress domains. The recent phishing attack began with one of several fraudulent email templates and would mimic Xerox/Xeros scan... by Charles Fleming | Jan 20, 2021 | Cybersecurity
Chinese hackers are gathering passenger details from airlines across the world to track high-value targets’ movements. The intrusions have been linked to a threat actor that the cyber-security has been tracking under the name of Chimera. The initial report... by Charles Fleming | Jan 19, 2021 | Cybersecurity
FireEye Mandiant announced the release of an open source tool designed to check Microsoft 365 tenants for the use of techniques associated with UNC2452, the threat group that attacked IT management company SolarWinds. UNC2452 has used some sophisticated techniques to... by Charles Fleming | Jan 18, 2021 | Cybersecurity
The Federal Bureau of Investigation has issued a Private Industry Notification (PIN) to warn of attacks targeting enterprises, in which threat actors attempt to obtain employee credentials through vishing or chat rooms. The COVID 19 pandemic has forced the broad... by Charles Fleming | Jan 14, 2021 | Cybersecurity
In an advisory issued on Wednesday, CISA (Cybersecurity and Infrastructure Security Agency) revealed that hackers have been employing successful phishing campaigns, brute force login attempts, and potentially pass-the-cookie attacks to exploit weaknesses in cloud... by Charles Fleming | Jan 14, 2021 | Cybersecurity
Austria-based cybersecurity consultancy SEC Consult discovered five types of vulnerabilities in Pepperl+Fuchs Control industrial products, including cross-site request forgery (CSRF), reflected cross-site scripting (XSS), blind command injection, and denial-of-service...