It’s not enough to tell your employees to create strong, unique passwords. You’ve got to actively manage and protect their login accounts, especially those belonging to privileged users. Many types of software can help you handle employee credentials to make your organization as safe and smooth-running as possible.
Turkey-based threat group Cobalt Terrapin has been deploying a more sophisticated business email compromise campaign involving both vendor and executive impersonation since July, ZDNET reports.
Numerous state-sponsored threat actors were able to compromise and exfiltrate data from a U.S.-based defense industrial base organization between January and November last year, BleepingComputer reports.
This week’s healthcare data breach roundup is led by a cyberattack on Family Medical Center Services in Texas that compromised a large trove of patient data, and includes multiple cyberattacks and email-related security incidents.
Threat actors could exploit the Application Mode feature in Chromium-based browsers Google Chorme, Microsoft Edge, and Brave Browser in a new phishing technique involving the creation of local login forms that impersonate desktop applications, reports BleepingComputer.
North Korean state-sponsored hacking group Lazarus has been engaging in a Bring Your Own Vulnerable Driver spear-phishing attack exploiting a Dell hardware driver since last autumn, BleepingComputer reports.
Cobalt Strike beacons are being deployed in a new malware campaign involving fraudulent job-themed lures, which was initially identified in August, reports The Hacker News.
The Federal Trade Commission and the Department of Justice have been called on by Senate Majority Leader Chuck Schumer, D-N.Y., to bolster efforts in ensuring proper consumer data protection against cyberattacks and investigating threat actors behind hacking incidents, CNN reports.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
