Use of CSS stuffing as an obfuscation technique?, (Fri, Nov 21st)
From time to time, it can be instructive to look at generic phishing messages that are delivered...
Read More
Author: Cyberthreat Blog
SEC Drops SolarWinds Case After Years of High-Stakes Cybersecurity Scrutiny
The U.S. Securities and Exchange Commission (SEC) has abandoned its lawsuit against SolarWinds and its chief information security officer, alleging that the company had misled investors about the security practices that led to...
Read MoreSalesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity
Salesforce has warned of detected “unusual activity” related to Gainsight-published applications connected to the platform. “Our investigation indicates this activity may have enabled unauthorized access to...
Read More
Inside Iran’s Cyber Objectives: What Do They Want?
The regime’s cyber-espionage strategy employs dual-use targeting, collecting info that can...
Read More
Chinese APT Infects Routers to Hijack Software Updates
A unique take on the software update gambit has allowed “PlushDaemon” to evade...
Read More