Threat Intelligence

Washington Post Journalists’ Microsoft Email Accounts Hacked
The Microsoft email accounts of several Washington Post journalists whose coverage includes national security and economic policy, including China, were hacked and could give the bad actors access to the messages that ...
Security Boulevard

Zero-Click Flaw in Microsoft Copilot Illustrates AI Agent, RAG Risks
Jeffrey Burt | AI agent security, Microsoft 365, Microsoft Copilot, RAG AI, security vulnerability
Aim Security researchers found a zero-click vulnerability in Microsoft 365 Copilot that could have been exploited to have AI tools like RAG and AI agents hand over sensitive corporate data to attackers ...

Huge Food Wholesaler Paralyzed by Hack — is it Scattered Spider Again?
Richi Jennings | 0ktapus, amazon, attacks on online retailers, DragonForce, Muddled Libra, online retailers cyber threats, Ransomware, retail, Retail & Commerce, Retail & e-commerce, Retail and E-Commerce, Retail Cybersecurity, Retail Industry, SB Blogwatch, Scatter Swine, scattered spider, Starfraud, the Com, the Community, UNC3944, UNFI, United Natural Foods, Whole Foods
UNFInished business: We were warned this would happen. And now here we are ...

BADBOX 2.0 Botnet Infects Million-Plus Devices, FBI Says
BADBOX 2.0, which emerged two years after the initial iteration launched and a year after it was disrupted by vendors, has infected more than one million IoT consumer devices, prompting a warning ...

Microsoft Launches Free Security Program for European Governments
Microsoft is offering European countries a new cybersecurity program for free to help them defend against threats from nation-states like China and Russia, ransomware gangs, and AI-powered cyber threats through greater intelligence ...

Microsoft, CrowdStrike Partner to Bring Clarity to Threat Actor Identities
Microsoft and CrowdStrike are partnering to bring better clarity to the information about threat groups, including their names and other attributes. They are creating ways for vendors to share and display such ...

Qualcomm Fixes Three Adreno GPU Flaws Abused in Android Attacks
Qualcomm issued patches for three zero-day vulnerabilities in its Adreno GPUs that Google threat intelligence researchers said were being exploited in "limited, targeted" attacks against Android devices ...

U.S., Dutch Agencies Shut Down AVCheck Services Used by Threat Groups
Jeffrey Burt | AVCheck, counter antivirus services, Department of Justice (DOJ), Operation Endgame Cybercrime, Ransomware
Authorities with the United States, the Netherlands, and Finland shut down the AVCheck counter antivirus and two crypting services that were used by bad actors to obfuscate their malware and to test ...

SentinelOne Outage Leaves Security Teams Hanging for Six Hours
SentinelOne's commercial customer consoles went down for about six hours May 29 in what the company says wasn't a "security incident," but it still faces questions from a customer base that wants ...

Strategies for Enhancing Your Organization’s Cyber Resilience
Organizations must improve their cyber resilience – not just for the sake of business operations, but to maintain customer confidence. ...