Fake MFA Reset Warning Message
A KnowBe4 co-worker of mine recently got this SMS phishing message (i.e., smish).
MFA
Smart Cars, Dumb Passwords: Auto Industry Still Runs on Weak Passwords
A new study by NordPass and NordStellar reveals the automotive industry is plagued by weak, reused, and common…
You Are Still Vulnerable to Password Attacks When Using Passkeys
Just because you’re using a passkey doesn’t mean your password is gone.
A Sneaky T-Mobile Scam and Lessons That Were Learned
A friend of mine got a call on his phone and he regrettably picked it up. The number was 267-332-3644. The area code is from Bucks County, PA, where he used to live many years ago.
What Is Device Code Phishing?
Ever since Microsoft’s initial announcement on February 13, 2025, about a Russian nation-state phishing campaign using “device code phishing,” many people have been wondering what it is.
This post will tell you what device code phishing …
New SessionShark Phishing Kit Bypasses MFA to Steal Office 365 Logins
SessionShark phishing kit bypasses Office 365 MFA by stealing session tokens. Experts warn of real-time attacks via fake…
Warning: Ransomware Remains a Top Threat for SMBs
A new report from Sophos found that ransomware attacks accounted for over 90% of incident response cases involving medium-sized businesses in 2024, as well as 70% of cases involving small businesses.
Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing
Russian APT group Storm-2372 employs device code phishing to bypass Multi-Factor Authentication (MFA). Targets include government, technology, finance,…
Securing Employee Identities: Expert Tips for Identity Management Day 2025
With this week being Identity Management Day on April 8th, it’s the perfect reminder for organizations to focus on protecting their employees’ digital identities.
Corsha Raises $18 Million to Enhance and Extend Machine-to-Machine Security
The new funds will be used to extend Corsha’s reach into critical infrastructure and further improve its own use of AI.
The post Corsha Raises $18 Million to Enhance and Extend Machine-to-Machine Security appeared first on SecurityWeek.