“PerSwaysion” phishing campaign ongoing, and pervasive.

Views expressed in this cybersecurity and cybercrime update are those of the reporters and correspondents.

Accessed on 19 November 2021, 1337 UTC.

Content provided by “DarkReading.com.”

Source: https://www.darkreading.com/

Please click link or scroll down to read your selections.

Latest News

Microsoft Exchange Server Flaws Now Exploited for BEC Attacks

Attackers also are deploying ProxyShell and abusing the vulnerabilities in stealthier manner, researchers say.

North Korean Hacking Group Targets Diplomats, Forgoes Malware

The TA406 group uses credential harvesting to target diplomats and policy experts in the United States, Russia, China, and South Korea, rarely resorting to malware.


California Pizza Kitchen Suffers Data Breach

Personal data, including Social Security numbers, of more than 100K employees exposed.

‘PerSwaysion’ Phishing Campaign Still Ongoing, and Pervasive

Research shows that multiple attack groups have been using the Microsoft file-sharing service – leveraging phishing kit for much longer than previously thought.

Cyber Conflict Between US and Iran Heats Up

The United States, United Kingdom, and Australia warn attacks from groups linked to Iran are on the rise, while the Iranian government blames the US and Israel for an attack on gas pumps.

Cybercriminals Contemplate ‘Exploit-as-a-Service’ Model

Researchers share their findings on the current zero-day market and how criminals’ strategies may shift in the future.

Is XDR Overhyped?

Security experts weigh in on the value and pitfalls of extended detection and response (XDR), offering consideration and advice on this growing new category.

Belarus Linked to Big European Disinformation Campaign

EU officials and others previously had blamed Russia’s intelligence operations for the so-called Ghostwriter campaign.

Latest Commentary

Swarm Intelligence May Be Just the Ticket for Improved Network & Device Security

Based on the reaction of a single insect in a swarm, messages are passed along peer to peer, and an entire environment can respond without a central leader processing data and giving orders.

Nov 18, 2021

5 Things ML Teams Should Know About Privacy and the GDPR

Machine learning delivers plenty of benefits. But as the emerging technology gets applied more broadly, be careful about how you handle all the data used in the process.

Nov 17, 2021


How to Navigate the Mitigation of Deepfakes

Deepfakes are already several steps ahead of the technology that can detect and warn us about them.

Nov 17, 2021

4 Considerations for Improving Cloud Security Hygiene

Mixing cloud security and maintenance practices with legacy enterprise approaches usually ends up shortchanging cloud hygiene. Here are some ways to remedy that.

Nov 16, 2021

Navigating the Complexity of Today’s Digital Supply Chain

An efficient way to monitor security is to model user behavior using time series data and watching for anomalies.

Nov 16, 2021

For the latest cybersecurity news and information, please check the blog sidebar, links, and twitter posts.  Thanks for joining us today.

Russ Roberts