Click “OK” to defeat MFA
A sophisticated threat actor has been using a very unsophisticated method to defeat multi-factor authentication.
Evasive maneuvers: HTML smuggling explained
The intelligence team at Microsoft has revealed that cybercriminals are increasingly using a tactic called HTML smuggling. What is it, and why should internet users be concerned?
A week in security (Nov 8 – Nov 14)
A roundup of the previous week’s articles, and the most important and interesting security events and happenings.
FoggyWeb, analysis of a Nobelium backdoor
FoggyWeb is a highly targeted backdoor used by the Nobelium group against Active Directory Federation Services servers.
Analysts “strongly believe” the Russian state colludes with ransomware gangs
“We have the smoke, the smell of gunpowder and a bullet casing. But we do not have the gun to link the activity to the Kremlin.”
Russia accused of hacking Dutch police during MH17 investigation
Journalists in the Netherlands suspect that Russian group APT29 (Cozy Bear) breached Dutch Police systems looking for information about MH17.
A week in security (May 24 – 30)
A roundup of the previous week’s most interesting security and online privacy news, from May 24 to May 30.
SolarWinds attackers launch new campaign
The Microsoft Threat Intelligence Center has issued a warning about new activities from Nobelium, the group behind SolarWinds, Sunburst, and related attacks.
Colonial Pipeline attack expected to trigger imminent hardening of cybersecurity rules for federal agencies
Colonial Pipeline’s ransomware attack caused the White House to possibly refine a planned Executive Order on cybersecurity.
SUPERNOVA malware discovered on SolarWinds Orion server
During an incident response investigation, CISA found SUPERNOVA malware hidden on a server running SolarWinds Orion.