The crew behind the 3AM strain of ransomware has been hitting companies using a familiar playbook: flood the target with junk emails, follow up with a fake IT call, and convince someone to hand over remote access. It’s not new, but it still works. Probably more than it should.
This kind of attack was first seen with the Black Basta gang, then picked up by FIN7. Thanks to leaked chat logs and shared templates, it’s now being copied by others. Sophos tracked 55 attacks between November and January that used the same tactics, tied to two different threat actor groups. [Read more…]
Microsoft is quietly pushing out a OneDrive update that’s catching IT departments off guard. A new feature prompts users—by default—to connect their personal OneDrive accounts to corporate machines. No setup needed. The feature just appears and offers a quick, seamless sync between personal and business storage.
Microsoft is shifting new account signups away from passwords and toward passkeys. It’s part of a broader industry effort, with companies like Google and Apple also pushing for a future where stolen credentials are no longer a threat. This move sounds like progress, but there’s more going on beneath the surface.
Apple just pushed out emergency updates across iOS, macOS, and other platforms to squash two zero-day bugs that were actively being exploited. But before you panic: unless you’re someone Apple might actually send a holiday card to, you’re probably not the target. Their official language? These vulnerabilities were used against “specific targeted individuals.” Translation: celebrities, high-ranking officials, or people who pay someone else to clean their AirPods.
So… turns out one of the leading enterprise security products forgot the “security” part. More than 16,000 Fortinet devices exposed to the internet have been found carrying a persistent symlink backdoor—one that grants read-only access to sensitive files.