A botnet made up of more than 130,000 compromised devices is conducting large-scale password-spraying attacks against M365 accounts, exploiting non-interactive sign-ins with Basic Authentication. This method lets malicious actors bypass modern login protections, evade multi-factor authentication (MFA) enforcement, and remain undetected by security teams. Leveraging Purloined Credentials Malefactors are leveraging …
The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has issued a joint Cybersecurity Advisory on Ghost (Cring) ransomware. The advisory, titled #StopRansomware: Ghost (Cring) Ransomware, provides network defenders with key indicators of compromise …
Cisco Talos has been actively tracking reports of extensive intrusion attempts targeting multiple major U.S. telecommunications companies. First identified in late 2024 and subsequently confirmed by the US government, this activity is attributed to a highly advanced threat actor known as Salt Typhoon. According to public reports, Salt Typhoon successfully …
In a newly seen phishing campaign, malicious actors have exploited URL manipulation techniques to obfuscate their malicious links, compromising businesses and individuals worldwide. Check Point researchers identified a whopping 200,000 phishing emails abusing URL information to hide phishing links, with the first instance recorded on 21 January. The campaign is …
2025 promises to be a big year in cybersecurity—for all the wrong reasons. While many are familiar with the projection that cybercrime will cost $10.5 trillion, Forrester’s updated report projects the costs will likely be closer to $12 trillion. To put that in perspective, the largest economy in the world, …
The second annual Fortra State of Cybersecurity Survey is here. It reveals that organizations are ensuring their foundational and fundamental cybersecurity position is robust to combat more sophisticated threats and comply with more stringent regulations. We also see a rise in the utilization of managed security services owing to budgetary …
By 2025, the first major breach of a knowledge management generative artificial intelligence (Gen AI) solution chatbot will make global headlines. This will mark a turning point in cybersecurity for all industries. The widespread adoption of Gen AI-based business solutions expands the prevalence of shadow AI. Shadow AI is a …
Cyberattacks in the automotive industry are on the rise. They’re also becoming more impactful. And the gap between the risk landscape and organizational resilience is growing. Automotive cybersecurity is at a critical moment, and the choice is clear: close the cybersecurity gap or suffer the consequences. Upstream’s 2025 Automotive and …
Ransomware attacks are no longer a question of “if” but “when” or even “how often”. In this candid interview, Nigel Sampson, a cybersecurity professional, chatted to Joe Pettit, Director at Bora, to share his experience dealing with a LockBit ransomware incident—shedding light on the immense financial burden, the strategic playbook …
A recent analysis by cybersecurity firm Hudson Rock on its Infostealers site has uncovered alarming vulnerabilities within the US military and its defense contractors due to widespread info stealer malware infections. According to the company, these infections have compromised sensitive data across several high-profile entities, including Lockheed Martin, Boeing, Honeywell, …
Got Questions? Call Us Now!