Category Archives: Security

Hackers are using a novel technique that combines legitimate office.com links with Active Directory Federation Services (ADFS) to redirect users to a phishing page that steals Microsoft 365 logins. […] Go to Source Author: Ionut Ilascu

Six major password managers with tens of millions of users are currently vulnerable to unpatched clickjacking flaws that could allow attackers to steal account credentials, 2FA codes, and credit card details. […] Go to Source Author: Bill Toulas

Email security is stuck where antivirus was a decade ago—focused only on prevention. Learn from Material Security why it’s time for an “EDR for email” mindset: visibility, post-compromise controls, and SaaS-wide protection. […] Go to Source Author: Sponsored by Material Security

The Python Package Index (PyPI) has introduced new protections against domain resurrection attacks that enable hijacking accounts through password resets. […] Go to Source Author: Bill Toulas

Okta has open-sourced ready-made Sigma-based queries for Auth0 customers to detect account takeovers, misconfigurations, and suspicious behavior in event logs. […] Go to Source Author: Bill Toulas

Enterprise search and security company Elastic is rejecting reports of a zero-day vulnerability impacting its Defend endpoint detection and response (EDR) product. […] Go to Source Author: Bill Toulas

American pharmaceutical company Inotiv has disclosed that some of its systems and data have been encrypted in a ransomware attack, impacting the company’s business operations. […] Go to Source Author: Bill Toulas

The Business Council of New York State (BCNYS) has revealed that attackers who breached its network in February stole the personal, financial, and health information of over 47,000 individuals. […] Go to Source Author: Sergiu Gatlan

A state-sponsored espionage campaign is targeting foreign embassies in South Korea to deploy XenoRAT malware from malicious GitHub repositories. […] Go to Source Author: Bill Toulas