Device code phishing enabled hackers to bypass multifactor authentication without credentials.
Related Articles
All CyberSecurityDive →
Ahold Delhaize confirms data stolen after threat group claims credit for November attack
Ahold Delhaize confirmed Thursday that certain files from its U.S. operations were stolen in a November cyberattack after a threat group claimed credit for the…
Xerox patches critical vulnerability in FreeFlow Core application
Xerox has issued a security upgrade for critical and high-severity vulnerabilities in its FreeFlow Core product that researchers said could have allowed an attacker to…
Acting CISA chief defends workforce cuts, declares agency ‘back on mission’
Table of Contents CISA turmoil over layoffs, transfers Election security concerns CIRCIA update Listen to the article 9 min This audio is auto-generated. Please let…
Ransomware insurance losses spike despite fewer claims: Resilience
Dive Brief: The financial fallout of ransomware attacks is climbing even as the number of cyber insurance claims falls, cyber risk management firm Resilience said…
Emerging botnet exploits TP-Link router flaw posing risk to US organizations
A new IoT botnet that exploits a remote code execution (RCE) flaw in TP-Link Archer routers has been targeting U.S. organizations since January, with thousands…
Iran-linked hackers target US transportation, manufacturing firms
Listen to the article 3 min This audio is auto-generated. Please let us know if you have feedback. Hackers linked to the Iranian government have…