Chinese Hackers Target U.S. Campaign Phones: A Persistent Threat
Chinese Hackers Target U.S. Campaign Phones: A Persistent Threat Introduction: Foreign Interference in the 2024 Election With the U.S. presidential election nearing, foreign interference continues to pose significant risks. Recently, Chinese hackers infiltrated Verizon’s communications systems, targeting phones linked to the campaigns of Kamala Harris, Donald Trump, and JD Vance. This breach, while [...]
Critical Vulnerabilities in ScreenConnect: A Call to Action for Enhanced Cybersecurity Measures
ScreenConnect, a widely utilized remote desktop and access software, recently found itself at the center of cybersecurity scrutiny after ConnectWise disclosed two critical vulnerabilities. These vulnerabilities, identified as CVE-2024-1708 and CVE-2024-1709, were labeled as presenting a maximum severity authentication bypass and a high-severity path traversal flaw, respectively. These security gaps posed [...]
U.S. Govt Issues Microsoft Office 365 Security Best Practices
Updated and Expanded: U.S. Government Issues Microsoft 365 Security Best Practices Introduction The Cybersecurity and Infrastructure Security Agency (CISA), a division of the U.S. Department of Homeland Security, issued security best practices to mitigate risks associated with migrating email services to Microsoft 365 (formerly Office 365). These guidelines, originally released in May 2019 [...]
North Korean Hackers Use ELECTRICFISH Malware to Steal Data
North Korean Hackers Use ELECTRICFISH Malware to Steal Data. The Federal Bureau of Investigation (FBI) and the U.S. Department of Homeland Security (DHS) have issued a joint malware analysis report (MAR) on a malware strain dubbed ELECTRICFISH, used by the North Korean APT group Lazarus for data exfiltration from victims. According to the [...]