ToddyCat APT Is Stealing Data on ‘Industrial Scale’

April 22, 2024 at 05:20PM ToddyCat, an APT group, collects data on an industrial scale from government and defense targets in the Asia-Pacific region. They use multiple simultaneous connections to steal data and maintain access, and have links to attacks going back to at least December 2020. Kaspersky recommends specific actions for organizations to protect …

Malware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accounts

December 29, 2023 at 11:16AM Multiple malware families are exploiting an undocumented Google OAuth endpoint called “MultiLogin” to revive expired authentication cookies and infiltrate users’ accounts. This technique allows cybercriminals to gain unauthorized access to Google accounts, even after password resets or logouts. Despite being notified, Google has not responded to inquiries about this issue. …

North Korean Hackers Exploiting Recent TeamCity Vulnerability

October 19, 2023 at 07:06AM Multiple North Korean threat actors, including Diamond Sleet and Onyx Sleet, have been targeting vulnerable TeamCity servers using the CVE-2023-42793 vulnerability, which allows remote code execution and admin-level access. Microsoft warns that these threat actors have a history of conducting software supply chain attacks and pose a high risk to …