Headlines
Russian Espionage Tool Provides Backdoor Access To Microsoft Outlook
The notorious Russia-linked APT28 threat group, also known as “FancyBear,” has been caught deploying a Microsoft Outlook backdoor which allows them to steal data, upload files, and execute commands. The campaign uses a VBA macro for Outlook to monitor incoming emails for a specific trigger word. When this trigger is detected, the threat actor is able to take control of the victim’s computer.
Massive Supply Chain Breach Hits npm: 2 Billion Weekly Downloads Compromised
A single phishing email let a threat actor compromise over 18 npm packages downloaded nearly 2 billion times a week. With that kind of access, they could have planted backdoors, stolen API keys, or sabotaged thousands of applications. Instead, they injected noisy crypto-stealer malware. After the dust settled, the attackers made off with just $500.
Apple’s New iPhone Brings Major Security Advances To Fight Spyware
Apple held their annual iPhone event this week. The headline announcement for security pros? A new security feature designed to protect against advanced spyware attacks: Memory Integrity Enforcement. Ivan Krstić, Apple’s Head of Security Engineering and Architecture, described MIE as “the most significant upgrade to memory safety in the history of consumer operating systems.”
CISA Issues New Guide For Securing Software Supply Chains
CISA, the US cybersecurity agency, has issued new advice aimed to increase transparency for software supply chains. This guide provides advice for software vendors and operators on the importance of implementing Software Bill Of Materials (SBOM) to secure software supply chains and their components.
From Expert Insights
Podcast: Meet The Women Shaping The Future Of Cybersecurity: A New Podcast From Expert Insights
We’re beyond excited to launch our brand-new podcast series, created to shine a spotlight on the women shaping the future of cybersecurity. This isn’t just another industry podcast. Women In Cyber is where technical know-how meets powerful storytelling.
Article: Does Managed Detection and Response (MDR) Really Work?
This article explores the importance of MDR, how it works, how it complements and improves traditional security controls, and what impacts it can really have on business security.
Article: Do Spam Filters Cause You To Lose Important Emails? Here’s The Truth
While spam filters are certainly an effective (and cost-effective!) way to improve employee productivity and protect your organization against email-based cyberthreats, some users report concerns around their spam filters blocking legitimate communications. So, what can you do to make sure your spam filter only blocks unwanted emails?
More News
- The Register: Supermarket giant Tesco sues VMware, warns lack of support could disrupt food supply
- CybersecurityDive: Mitsubishi Electric agrees to buy Nozomi Networks in deal valued at about $1B
- TheHackerNews: CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation
- TheRecord: Cyberattack on Jaguar Land Rover threatens to hit British economic growth
- PeakMetrics: The Use of AI Bots to Discredit Ukraine
- U.S. Department of Justice: “LockerGoga,” “MegaCortex,” and “Nefilim” Ransomware Administrator Charged with Ransomware Attacks
Buyers’ Guides
Discover More
Podcasts
Advertising
About Expert Insights
Expert Insights helps security and IT professionals make smarter, faster cybersecurity decisions.
Join our community, stay ahead with our podcasts, and get essential insights in our weekly newsletter. Trusted by over one million businesses.
