Compromising an employee's email account can be profitable for BEC scammers and for distributing malware, but being able to gain access to an email domain's administrator account is a jackpot. For this reason, it is important to be aware of phishing scams that are not targeting an organization's users, but rather their administrators
The U.S. Internal Revenue Service (IRS) failed to implement a good deal of security controls recommended over the years, leaving financial reporting and taxpayer data vulnerable to "inappropriate and undetected use, modification, or disclosure."
A contractor for the Russian Federal Security Service (FSB) has been hacked and secret projects that were being developed for the intelligence agency were leaked to Russian Media. These projects detail Russia's attempt to de-anonymize users on the Tor network, collect data from social networks, and how to isolate the Russian internet
The Chromium-based Microsoft Edge is using Controlled Featured Rollout to test new features with randomly selected small groups of users. Over time, Microsoft gradually increases the size of the control group to garner further feedback and usage statistics.
Windows Defender is being rebranded to Microsoft Defender to indicate that it now part of a cross platform family of products. This includes enterprise products, which offer solutions for multiple OS platforms.
What a week. Every day we see a new city, police station, college, government agency, or company being affected by a ransomware attack. To make matters worse, they are getting hit with targeted ransomware that asks for a hefty price to get a decryptor.
Cloud computing provider iNSYNQ experienced a ransomware attack which forced the company to shut down some of its servers to contain the malware infection from spreading and affecting more customer data.
A new extortion scam is underway that pretends to be from a US State Police detective who is willing to delete child porn evidence if you send them $2,000 in bitcoins. Pretending to be from a state police detective is a new twist, but what really stands out is that they also include a contact phone number that can be used to call the
Mozilla and the Tor Project are in the early stages of exploring the inclusion of Tor's private browsing features within the Firefox web browser in the form of a privileged extension.
WizzAir today announced its customers that their account password has been automatically reset due to a technical issue in the system.
A flurry of ransomware attacks has been reported this week affecting entities in US states of Georgia, New York, Tennessee, and Florida.
A sample of the ransomware called MegaCortex that is known to target the enterprise in targeted attacks has been found and analyzed. In this article, we will provide a brief look at the MegaCortex Ransomware and how it encrypts a computer.
Nine years and more than 8,500 security bug reports later, Google decided to increase the value of the rewards for security vulnerabilities submitted through its Chrome Vulnerability Rewards Program.
Attackers have created a fake Office 365 site that is distributing the TrickBot password-stealing Trojan disguised as Chrome and Firefox browser updates.
Microsoft has started testing the new Window 10 Controlled Feature Rollout feature with Windows Insiders in the Slow ring. This feature allows Microsoft to slowly roll out new features without releasing entirely new builds.
Microsoft says that a new user activity-based expiration policy can be enabled for Office 365 groups by select Azure AD Premium customers starting today allowing for automated lifetime renewals without any user intervention.
Microsoft has released Windows 10 20H1 Insider Preview Build 18941 to Insiders in the Fast ring. This build includes various fixes, such as for a crash when searching the OneDrive folder, and a new Korean IME.
Researchers unearthed a new and highly prolific malware framework used by its creators to generate over one billion fraudulent ad impressions over a time span of just three months.
Slack has started sending out emails informing users that their account passwords have been reset due to being compromised during the Slack 2015 security incident. Slack has stated that this is only affecting 1% of their users.
Microsoft says that it notified roughly 10,000 of its customers in the past year of being either targeted or compromised by nation-state sponsored threat groups.