Microsoft has alerted users that hackers are targeting password reset processes to breach accounts. The activity is attributed to the group Storm-2949.
Microsoft issued the warning about ongoing efforts to exploit password resets for unauthorized access. The hackers involved are described as operating a methodical, sophisticated, and multi-layered campaign under the name Storm-2949.
Riportato dall'IA Immagine generata dall'IA
A cyberattack attributed to the Iran-aligned Handala Hack group has disrupted the Microsoft environment of medical device maker Stryker, paralyzing much of its global operations. The incident, which emerged shortly after US and Israeli airstrikes on Iran, involved data wiping across tens of thousands of computers. Stryker confirmed the attack is contained, with no impact on its critical medical devices.
Security specialists have raised alarms over the vulnerability of online accounts, stating that almost half of all passwords in use today can be broken within minutes.
Riportato dall'IA
Security researchers have flagged a new risk to users of Microsoft's Phone Link application. An unidentified threat actor is using the tool to steal SMS messages and one-time passwords.
Journalists reported mysterious phishing attempts by unknowns a few weeks ago. The Dutch secret service now holds Russia responsible for attacks on the messaging apps WhatsApp and Signal. The report explains how the attacks work and how users can protect themselves.
Riportato dall'IA
Google published proof-of-concept exploit code on Wednesday for a vulnerability in its Chromium browser that has gone unfixed for 29 months. The flaw affects Chrome, Microsoft Edge, and other Chromium-based browsers used by millions worldwide. It enables attackers to establish persistent connections for monitoring user activity and launching attacks.