Security Bulletin

Initial access brokers (IAB) are often difficult to track. This Tech Tip spells out some countermeasures enterprises need to defend against stolen credentials.

Toyota Finance confirms unauthorized systems access Toyota Motor Corporation subsidiary Toyota Financial Services has confirmed that unknown actors have illegally accessed systems on "a limited number" of locations in Africa and Europe, hours after...

Threat actors are using the Ddostf malware botnet to enslave MySQL servers and rent them out to cyber criminals as a DDoS-as-a-Service platform, BleepingComputer reports.

Cybersecurity firm NSFOCUS has identified a new advanced persistent threat actor group named DarkCasino, which was behind the attacks that exploited a zero-day flaw in the WinRAR archiving tool, The Hacker News reports.

Government agencies in Moldova, Pakistan, Tunisia, and Vietnam have been targeted by threat actors in campaigns exploiting a zero-day vulnerability in the Zimbra Collaboration email server that was discovered in June, reports The Record, a news site...

An advisory released by the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency details the background, composition, and tactics of the threat actor collective Scattered Spider, according to BleepingComputer.

White House Office Federal Chief Information Security Officer and Deputy National Cyber Director Chris DeRusha said the Biden administration is already reexamining the implementation plan for its recently published national cybersecurity strategy...

Bitdefender has warned of its discovery of a new attack methodology that threat actors may use against victims who are using Google Workspace and the Google Cloud Platform, reports The Hacker News.

The number of ransomware groups engaging in multipoint ransomware activities, also known as double-tap or double-extortion methods, to pressure targets into acceding to their ransom demands has been surging over the past three quarters of the year...

Ransomware group Lockbit has modified its organizational strategy on negotiations in a bid to increase its illicit revenue, BNN Bloomberg reports.

The city of Long Beach, California, disclosed that its government systems have been affected by a cybersecurity incident.

Security budgets will benefit from new priorities, streamlined responses rather than wholesale cost-cutting in light of cyberattacks and increased regulatory requirements.