Phishing attacks that defeat MFA are easier than ever. So what are we to do? – Go Health Pro

Phishing attacks that defeat MFA are easier than ever. So what are we to do? – Go Health Pro

These sorts of adversary-in-the-middle attacks have grown increasingly common. In 2022, for instance, a single group used it in a series of attacks that stole more than 10,000 credentials from 137 organizations, and led to the network compromise of authentication provider Twilio, among others. One company that was targeted in the attack campaign but wasn’t … Read more

GUEST ESSAY: Ponemon study warns: AI-enhanced deepfake attacks taking aim at senior execs – Go Health Pro

GUEST ESSAY: Ponemon study warns: AI-enhanced deepfake attacks taking aim at senior execs – Go Health Pro

By Brian HIll A new study by the Ponemon Institute points to a concerning use of AI: deepfake attacks are on the rise and are taking a financial and reputational toll on companies and their executives. Related: Tools to fight deepfakes Deepfake Deception: How AI Harms the Fortunes and Reputations of Executives and Corporations details the … Read more

Alarms sound over attacks via Microsoft NTLM vulnerability – Go Health Pro

Alarms sound over attacks via Microsoft NTLM vulnerability – Go Health Pro

A vulnerability previously thought to be a low-priority was cast into the spotlight thanks to a newly revealed exploit in the wild.Administrators were advised to test and install Microsoft’s March security fixes to prevent exploitation of the flaw.Researchers with security vendor CheckPoint report finding active exploits in the wild targeting the Microsoft flaw designated as … Read more

News alert: SquareX to present on uncovering data splicing attacks at BSides San Francisco 2025 – Go Health Pro

News alert: SquareX to present on uncovering data splicing attacks at BSides San Francisco 2025 – Go Health Pro

Palo Alto, Calif, Apr. 16, 2025, CyberNewswire — SquareX researchers Jeswin Mathai and Audrey Adeline will be disclosing a new class of data exfiltration techniques at BSides San Francisco 2025. Titled “Data Splicing Attacks: Breaking Enterprise DLP from the Inside Out”, the talk will demonstrate multiple data splicing techniques that will allow attackers to exfiltrate any … Read more

PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks – Go Health Pro

PoisonSeed Exploits CRM Accounts to Launch Cryptocurrency Seed Phrase Poisoning Attacks – Go Health Pro

Apr 07, 2025Ravie LakshmananCloud Security / Cryptocurrency A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims’ digital wallets. “Recipients of the bulk spam are targeted with a cryptocurrency seed phrase … Read more