'PerSwaysion' Phishing Campaign Still Ongoing, and Pervasive

Click here to subscribe to Informationweek.com

Categories: Services | Professionals Business goods Financially Kantoor Marketing Retail Retail Industry Machines Age: 14 until 18 year 19 until 30 year 31 until 64 years

3 years ago

Html
Text

Follow Dark Reading:

November 19, 2021

LATEST SECURITY NEWS & COMMENTARY

'PerSwaysion' Phishing Campaign Still Ongoing, and Pervasive Research shows that multiple attack groups have been using the Microsoft file-sharing service - leveraging phishing kit for much longer than previously thought. Microsoft Exchange Server Flaws Now Exploited for BEC Attacks Attackers also are deploying ProxyShell and abusing the vulnerabilities in stealthier manner, researchers say. North Korean Hacking Group Targets Diplomats, Forgoes Malware The TA406 group uses credential harvesting to target diplomats and policy experts in the United States, Russia, China, and South Korea, rarely resorting to malware. Swarm Intelligence May Be Just the Ticket for Improved Network & Device Security Based on the reaction of a single insect in a swarm, messages are passed along peer to peer, and an entire environment can respond without a central leader processing data and giving orders. California Pizza Kitchen Suffers Data Breach Personal data, including Social Security numbers, of more than 100K employees exposed. MORE NEWS / MORE COMMENTARY


HOT TOPICS
How to Negotiate With Ransomware Attackers Security researchers investigate the ransom negotiation process to create strategies businesses can use if they face an attack. Open Source Project Aims to Detect Living-Off-the-Land Attacks The machine learning classifier from Adobe can determine whether system commands are malicious and classify them using a variety of tags useful for security analysts. How to Navigate the Mitigation of Deepfakes Deepfakes are already several steps ahead of the technology that can detect and warn us about them. MORE

EDITORS' CHOICE
Is XDR Overhyped? Security experts weigh in on the value and pitfalls of extended detection and response (XDR), offering consideration and advice on this growing new category. LATEST FROM THE EDGE
Addressing the Low-Code Security Elephant in the Room The danger of anyone being able to spin up new applications is that few are thinking about security. Here's why everyone is responsible for the security of low-code/no-code applications. LATEST FROM DR TECHNOLOGY
Search CT Logs for Misconfigured SSL Certificates Security defenders can run these queries against Certificate Transparency logs to identify misconfigured SSL certificates before they can be used by adversaries to map out attacks.

Tech Resources

2021 Ransomware Threat Report 2021 Cyberthreat Defense Report How to Plan for Endpoint Security Against Ever-evolving Cyberthreats Architects Guide to Zero Trust Network Access Simple Solutions for Continuous Visibility to Active Directory Exposures & Live Attacks Identity Detection & Response (IDR) as a Solution for Identity-Based Attacks Understanding the Most Common Lateral Movement Attack Tactics

ACCESS TECH LIBRARY NOW

Cybersecurity Forecast 2022: Snowpocalypse or cloudy with a chance of rain?

Does the year ahead hold significant promise for IT and Security teams, or does the upheaval caused by COVID-19 and the spike in cyberattacks continue well into 2022? As threat actors continue to evolve, what should security teams look out for ...

Protecting Enterprise Data from Malicious Insiders

It's a sad truth: not all employees are nice. Corporate espionage, sabotage and other security incidents could be committed or aided by any insider with something to gain. How do you know when a once-trustworthy employee is about to do ...

MORE WEBINARS

FEATURED REPORTS

10 Hot Talks From Black Hat USA 2021 The State of Malware Threats

MORE REPORTS

CURRENT ISSUE

How Data Breaches Affect the Enterprise
DOWNLOAD THIS ISSUE	SUBSCRIBE NOW
BACK ISSUES \| MUST READS \| TECH DIGEST

PRODUCTS & RELEASES

Two Iranian Nationals Charged for Cyber-Enabled Disinformation and Threat Campaign Designed to Influence the 2020 US Presidential Election Artificial Intelligence and Machine Learning, Cloud Computing, and 5G Will Be the Most Important Technologies in 2022, Says New IEEE Study GBG Announces It Has Agreed to Acquire Acuant CISA Releases Incident and Vulnerability Response Playbooks to Strengthen Cybersecurity for Federal Civilian Agencies MORE PRODUCTS & RELEASES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107

To update your profile, change your e-mail address, or unsubscribe, click here.

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Share on

Other newsletters from Informationweek.com

How to Create an Accurate IT Project Timeline Informationweek.com
32 minutes ago
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor Informationweek.com
2 hours ago
Privacy Regulations Changing - Are You Prepared? Informationweek.com
13 hours ago

More newsletters from Informationweek.com

Related newsletters

View other categories

Services | Professionals Business goods Financially Kantoor Marketing Retail Retail Industry Machines

'PerSwaysion' Phishing Campaign Still Ongoing, and Pervasive

How Data Breaches Affect the Enterprise

Share on

Other newsletters from Informationweek.com

Related newsletters

View other categories