Here is some of the open-source software I use – and it has all been targeted!

antivirus

PuTTY, KiTTY and Sumatra PDF Reader – I did my due diligence before installing these – and now they have been targeted by ZINC, a state-sponsored group operating out of North Korea. ZINC weaponizing open-source software – Microsoft Security Blog Before writing this blog post I had checked my system …

Mass spamming starts with no MFA and credential stuffing

Microsoft has been monitoring and seeing an increase in attacks using malicious OAuth applications, installed on compromise cloud servers that then facilitate mass spamming from Exchange Online servers. Malicious OAuth applications abuse cloud email services to spread spam – Microsoft Security Blog The attack started with the threat actor launching …

If you are better informed on the how, what and where of ransomware attacks, you will be better equipped on what decisions you need to take to defend against it.

Here is an article from last week that is an in depth look at the Vice Society hacking gang’s operations. It was issued by the following US government agencies; the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center …

One click account vulnerability in the TikTok Android app

The Microsoft Security Blog is reporting on a flaw discovered in the Android TikTok app that would potentially allow threat actors to take over the user’s account with them clicking on a malicious link. Vulnerability in TikTok Android app could lead to one-click account hijacking – Microsoft Security Blog Remember …