Blog
-
Breach of Popular Discord Bot Leads to Spam and Malware Campaigns in NFT Projects, Including Axie Infinity
A Discord bot that is often used to automate moderation and message display functions was compromised, enabling the hackers to send spam and malware messages from trusted administrative sources in NFT Projects.
-
Apple, Microsoft and Google Line Up Behind FIDO in Push for Passwordless Authentication
Passwordless authentication schemes like FIDO have been available for years but have received a mostly lukewarm reception. Big tech’s biggest names are now getting behind the standard.
-
Costa Rica Declares State of National Emergency Over Conti Ransomware Attacks, US Steps in to Assist
The chain of attacks on the Costa Rican government began on April 17, quickly turning into a true national emergency. Conti ransomware made its way onto the servers of the finance and labor ministries among other agencies.
-
Ferrari NFT Scam Plays on Anticipation for Legitimate Release, But Nets Very Little Money
The thieves appear to have made off with less than $1,000 in the Ferrari NFT scam, owing to quick action to shut it down once it was noticed.
-
Ransomware Attack Could Cost Colonial Pipeline an Extra $1 Million in Government Fines
The DoT is looking to fine fuel supplier Colonial Pipeline over the widely publicized ransomware attack of 2021, saying that the company failed inspections conducted in 2020.
-
The Insider Phishing Scam Case That Nearly Cost the DoD $23.5 Million
The DoD vendor phishing scam in 2018 seemed to work well enough, netting $23.5 million in stolen payments for four months before it all fell apart.
-
Is Russia Monitoring Corporate M&A? Cyber Espionage Campaign Bears Hallmarks of State-Backed Threats
Cyber espionage effort is focusing on the emails of targets, searching entire networks for terms relating to M&A discussions and corporate transactions using specialized tools.
-
Could an Open Source Policy Make Twitter Unsafe? Debate Rages Over Plan To Make Twitter’s Algorithm Visible to the Public
Elon Musk has promised to make Twitter’s algorithm public, but new threats could potentially come along with an open source policy. Could the potential security problems created by open access to Twitter’s inner workings outweigh the public good?
-
Attacks on Nuclear Plant, TV Station Backed Up by Russian Cyber Attacks, According to Security Analysts
Security analysts with Microsoft have been tracking recent Russian cyber attacks and have seen a pattern of their use to support real world missile strikes and seizures of facilities, with destructive attacks sometimes used as a part of the overall strategy.
-
Vulnerable Code Regularly Ships, Developers Frequently Miss Security Alerts as Workloads Become Untenable
42% of these developers said that they push vulnerable code at least once per month. Security teams, in turn, express frustration at developers not following their advice.