The compromise of a Microsoft engineer’s account was just one of several factors that allowed threat group Storm-0558 to steal a cryptographic signing key and access U.S. government accounts.
SiliconAngle reports that most cyberattacks have been deployed to target a variety of asset types, with threat actors focusing more on potential access.
Macs subjected to malicious packages in new attack campaign MacOS devices have been targeted in a new campaign involving malicious NPM, PyPI, and RubyGems packages that aimed to exfiltrate user data, according to SecurityWeek.
Group-IB researchers uncover an underground market that leverage phishing kits to bypass MFA and launch BEC attacks in the United States, Australia, and Europe.
Data theft from a UK military security fencing provider is a stark reminder the manufacturing sector is rife with aging, unsupported and vulnerable systems that can endanger the entire supply chain.