Cyber attack hits State Department in ‘possible serious breach’

Microsoft is rolling out passwordless login support over the coming weeks, allowing customers to sign in to Microsoft accounts without using a password. The company first allowed commercial customers to rollout passwordless authentication in their environments in March after a breakthrough year in 2020 when Microsoft reported that over 150 million users were logging into…

  The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) have issued an alert about an ongoing Avaddon ransomware campaign that is affecting organizations across a wide range of industries in the United States and across the world.  Avaddon ransomware associates are attempting to breach the networks of manufacturing, healthcare, and…

Cybercrime , Fraud Management & Cybercrime , Malware as-a-Service Attackers Deploy NanoCore Malware as Part of the Campaign Akshaya Asokan (asokan_akshaya) • March 13, 2021     Email sample containing a .zipx attachment. Source: Trustwave A new malspam campaign is delivering the NanoCore remote access Trojan as a malicious Adobe icon to infect its victims,…

Financial software company Intuit has notified TurboTax customers that some of their personal and financial information was accessed by attackers following what looks like a series of account takeover attacks. In a breach notification letter sent to affected customers earlier this month, the company said that this was not a “systemic data breach of Intuit.”…

Cisco Systems has agreed to purchase Kenna Security to help customers more effectively prioritise vulnerabilities based on threat intelligence and business impact. The San Jose, Calif.-based networking giant said its proposed acquisition of Santa Clara, Calif.-based Kenna will make it easier for organizations to work cross-functionally to rapidly identify, prioritize and remediate cyber risk. This…

Microsoft Windows July 2021 Patch Tuesday just rolled out, patching 12 critical security vulnerabilities in a total of 116 issues. It is noteworthy that three of the issues addressed this month were actively exploited in the wild. These bugs include a critical scripting engine memory corruption issue known as CVE-2021-34448, and two Windows kernel elevation-of-privilege…