Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Defending Assets You Don’t Know About, Against Cyberattacks

No security defense is perfect, and shadow IT means no company can inventory every single asset that it has. David “moose” Wolpoff, CTO at Randori, discusses strategies for core asset protection given this reality.

Threatpost
Open in Source
#Cloud Security#InfoSec Insider#Vulnerabilities#vulnerability#Breach#Web Security#Sponsored#Vulnerabilities#Malware#Web Security#microsoft#Malware#Web Security#Malware#Mobile Security#Web Security#android#Cloud Security#Critical Infrastructure#InfoSec Insider#Mobile Security#Vulnerabilities#Web Security
Industrial Goods & Services Tops Ransomware Targets in 2021

While the industrial goods and services sector saw a decline in attacks during the third quarter, it remains the most targeted sector for ransomware this year.

Who's In Your Wallet? Exploring Mobile Wallet Security

Security flaws in contactless payments for transportation systems could lead to fraud for stolen devices, researchers find.

5 Ways CMMC Security Requirements May Impact Universities

The Cybersecurity Maturity Model Certification puts research universities in a position where they must validate the effectiveness of their security controls before applying for a grant or bidding on a government contract.

We’re Excited to Announce the Launch of Comms Hub!

We are excited to announce the launch of Comms Hub to the Researcher Portal submission experience! With this launch, security researchers will be able to streamline communication with MSRC case SPMs (case managers), attach additional files, track case and bug bounty status all in the Researcher Portal. Summary – What is Comms Hub?

Microsoft Warns of Continued Supply-Chain Attacks by the Nobelium Hacker Group

Nobelium, the threat actor behind the SolarWinds compromise in December 2020, has been behind a new wave of attacks that compromised 14 downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations, illustrating the adversary's continuing interest in targeting the supply chain via the "compromise-one-to-compromise-many"

11 Security Settings You Should Know About in Windows 11

Microsoft has rolled out its most secure operating system yet. Here's how to make the most of it.

Popular NPM Package Hijacked to Publish Crypto-mining Malware

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining and password-stealing malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to get rid of three rogue packages that were found to mimic the same library. <!--adsense--> The supply-chain attack targeting the open-source

Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks

Microsoft on Thursday disclosed an "extensive series of credential phishing campaigns" that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. The tech giant's Microsoft 365 Defender Threat Intelligence Team, which detected the first instances of the tool in the wild in