More results...
Citizen Lab and Google uncovered a new, sophisticated cyberattack linked to Russian state actors that exploits App-Specific Passwords, bypassing Multi-Factor Authentication. Discover how to protect yourself from these evolving threats.
Amazon Web Services has announced new and improved security features at its annual AWS re:Inforce cloud security conference. The company has also introduced features aimed at speeding up backup recovery, and has announced the completion of its push to …
A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish).
A new study by NordPass and NordStellar reveals the automotive industry is plagued by weak, reused, and common…
Just because you’re using a passkey doesn’t mean your password is gone.
A friend of mine got a call on his phone and he regrettably picked it up. The number was 267-332-3644. The area code is from Bucks County, PA, where he used to live many years ago.
Ever since Microsoft’s initial announcement on February 13, 2025, about a Russian nation-state phishing campaign using “device code phishing,” many people have been wondering what it is.
This post will tell you what device code phishing …
SessionShark phishing kit bypasses Office 365 MFA by stealing session tokens. Experts warn of real-time attacks via fake…
A new report from Sophos found that ransomware attacks accounted for over 90% of incident response cases involving medium-sized businesses in 2024, as well as 70% of cases involving small businesses.
Russian APT group Storm-2372 employs device code phishing to bypass Multi-Factor Authentication (MFA). Targets include government, technology, finance,…