'

Uncovering Digital Footprints: How Hackers Exploit Them

Uncovering Digital Footprints: How Hackers Exploit Them

In today’s digital age, our lives have become intricately intertwined with the online world. From social media profiles to online shopping habits, we leave behind a trail of digital footprints that can reveal a lot about us. While these footprints may seem harmless, they can be exploited by hackers who are adept at piecing together … Read more

HelloKitty ransomware deployed via critical Apache ActiveMQ flaw

HelloKitty ransomware deployed via critical Apache ActiveMQ flaw

Attackers have begun exploiting a critical remote code execution vulnerability patched last week in Apache ActiveMQ to deploy ransomware in enterprise networks. Users are urged to upgrade the software as soon as possible. “Beginning Friday, October 27, Rapid7 Managed Detection and Response (MDR) identified suspected exploitation of Apache ActiveMQ CVE-2023-46604 in two different customer environments,” … Read more

Boeing systems hit in reported Lockbit cyberattack

Boeing systems hit in reported Lockbit cyberattack

Aerospace and defense giant Boeing on Thursday confirmed that it had suffered a cyber incident affecting its parts and distribution business, and the infamous Lockbit ransomware group is reported to be behind the attack. According to a Boeing spokesperson, the company is taking post-incident steps to rectify the damage, noting that the incident did not … Read more

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

The login page for the criminal reshipping service SWAT USA Drop. One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Here’s a closer look at the Russia-based SWAT USA Drop Service, which currently employs more than 1,200 people across the United States who … Read more

Microsoft pledges cybersecurity overhaul to protect products and services

Microsoft pledges cybersecurity overhaul to protect products and services

Microsoft has announced the launch of the Secure Future Initiative (SFI) to improve the built-in security of its products and platforms to better protect customers against escalating cybersecurity threats. The new initiative will bring together “every part of Microsoft” to advance cybersecurity protection incorporating three pillars focused on AI-based cyber defenses, advances in fundamental software … Read more

Protecting .NET Developers: Safeguarding Code Integrity in the Face of Malicious NuGet Packages

Protecting .NET Developers: Safeguarding Code Integrity in the Face of Malicious NuGet Packages

In recent times, the .NET developer community has faced a growing threat in the form of malicious NuGet packages. These packages, discovered and subsequently removed from the NuGet repository, posed a significant risk to developers’ code integrity. This blog post aims to shed light on this emerging threat and provide insights into the best practices … Read more

Governments should not pay ransoms, International Counter Ransomware Initiative members agree

Governments should not pay ransoms, International Counter Ransomware Initiative members agree

The members of the International Counter Ransomware Initiative (CRI) have agreement a joint policy statement declaring that member governments should not pay ransoms demanded by cybercriminal groups. The agreement was announced during the third CRI summit in Washington, D.C this week. CRI members affirmed the importance of strong and aligned messaging discouraging paying ransomware demands … Read more

Red Sift adds protection against phishing, BEC, and brand abuse

Red Sift adds protection against phishing, BEC, and brand abuse

Digital resilience provider, Red Sift is adding four new capabilities — Brand Trust, OnDMARC, ASM, and Certificates — designed to help organizations proactively address cybersecurity risks. The Red Sift platform uses APIs to collect and process large amounts of threat intelligence from cybersecurity feeds. The capabilities in the platform will bolster a company’s cyber resilience, … Read more

What is phishing? Examples, types, and techniques

What is phishing? Examples, types, and techniques

Phishing definition Phishing is a type of cyberattack that uses disguised email as a weapon. Variations of phishing use text messages, voicemail, or QR codes. These attacks use social engineering techniques to trick the email recipient into believing that the message is something they want or need–a request from their bank, for instance, or a … Read more

Starting your journey to become quantum-safe

Starting your journey to become quantum-safe

There’s no doubt we are living through a time of rapid technological change. Advances in ubiquitous computing and ambient intelligence transform nearly every aspect of work and life. As the world moves forward with new advancements and distributed technologies, so too does the need to understand the potential security risks. At Microsoft, our mission has … Read more