attacks
Facebook rolls out passkey support to fight phishing attacks
Passkeys can replace traditional passwords with your device’s own authentication methods. That way, you can sign in to Gmail, PayPal, or iCloud just by activating Face ID on your iPhone, your Android phone’s fingerprint sensor, or with Windows Hello on a PC. Built on WebAuthn (or Web Authentication) tech, two different keys are generated when you create a passkey: one…
Password-spraying attacks target 80,000 Microsoft Entra ID accounts
Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. The campaign started last December and has successfully hijacked multiple accounts, say researchers at cybersecurity company Proofpoint, who attribute the activity to a threat actor called UNK_SneakyStrike. According to the researchers, the peak of the campaign happened on January…
Graphite spyware used in Apple iOS zero-click attacks on journalists
Forensic investigation has confirmed the use of Paragon’s Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe. Researchers at Citizen Lab say that the victims were a prominent European journalist who requested anonymity and Ciro Pellegrino, a journalist at Italian publication Fanpage.it. “Our analysis finds forensic evidence confirming with high confidence that…
Stolen Ticketmaster data from Snowflake attacks briefly for sale again
The Arkana Security extortion gang briefly listed over the weekend what appeared to be newly stolen Ticketmaster data but is instead the data stolen during the 2024 Snowflake data theft attacks. The extortion group posted screenshots of the allegedly stolen data, advertising over 569 GB of Ticketmaster data for sale, causing speculation that this was a new breach. Listing of…
Critical Fortinet flaws now exploited in Qilin ransomware attacks
The Qilin ransomware operation has recently joined attacks exploiting two Fortinet vulnerabilities that allow bypassing authentication on vulnerable devices and executing malicious code remotely. Qilin (also tracked as Phantom Mantis) surfaced in August 2022 as a Ransomware-as-a-Service (RaaS) operation under the “Agenda” name and has since claimed responsibility for over 310 victims on its dark web leak site. Its victim…
Hackers target Salesforce accounts in data extortion attacks
Google has observed hackers claiming to be the ShinyHunters extortion group conducting social engineering attacks against multi-national companies to steal data from organizations’ Salesforce platforms. According to Google’s Threat Intelligence Group (GTIG), which tracks the threat cluster as ‘UNC6040,’ the attacks target English-speaking employees with voice phishing attacks to trick them into connecting a modified version of Salesforce’s Data…
Email spoofing attacks are still a major threat for FTSE 100 companies – despite a simple fix being widely available
Almost a third of FTSE 100 organizations are still vulnerable to email spoofing attacks, according to research by Hornetsecurity. The findings come in spite of the widespread availability of domain-based message authentication, reporting & conformance (DMARC) tools, which perform last-mile checks on emails to ensure they come from legitimate domains and aren’t malicious in nature. Speaking at Infosecurity Europe 2025,…
Google patches new Chrome zero-day bug exploited in attacks
Google has released an emergency security update to fix the third Chrome zero-day vulnerability exploited in attacks since the start of the year. “Google is aware that an exploit for CVE-2025-5419 exists in the wild,” the company warned in a security advisory published on Monday. This high-severity vulnerability is caused by an out-of-bounds read and write weakness in Chrome’s V8 JavaScript engine, reported one week ago by…
Apple Safari exposes users to fullscreen browser-in-the-middle attacks
A weakness in Apple’s Safari web browser allows threat actors to leverage the fullscreen browser-in-the-middle (BitM) technique to steal account credentials from unsuspecting users. By abusing the Fullscreen API, which instructs any content on a webpage to enter the browser’s fullscreen viewing mode, hackers can exploit the shortcoming to make guardrails less visible on Chromium-based browsers and trick victims into typing sensitive…
Two more NHS Trusts have been hit with cyber attacks – here’s what we know so far
Two NHS trusts have suffered cyber attacks which exposed staff data, prompting fresh calls for more robust supply chain security practices. University College London Hospitals (UCLH) NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust were targeted in an attack which exploited a flaw in Ivanti Endpoint Manager Mobile (EPMM) – a tool used to manage employee mobile devices.…