Passkey Redaction Attacks: A Threat to Data Privacy

Passkey redaction attacks involve exploiting weaknesses in the process of concealing sensitive information, such as passwords or API keys, from logs or documents. Attackers can reverse-engineer or retrieve hidden data, gaining unauthorized access to systems. To prevent passkey redaction attacks, organizations must ensure proper encryption, use secure redaction tools, and regularly audit their data protection processes.

ResolverRAT Attacking Healthcare and Pharmaceutical Via Sophisticated Phishing Attacks

Shocking Rise: ResolverRAT Attacking Healthcare and Pharmaceutical Via Sophisticated Phishing Attacks

Ravi Jain
The source describes ResolverRAT, a sophisticated new remote access trojan identified in 2025 that primarily targets the healthcare and pharmaceutical industries. This malware is particularly dangerous because it executes solely in memory, employs advanced encryption, and utilizes unique loader architecture to evade detection by traditional security measures. ResolverRAT is disseminated through highly tailored, region-specific phishing emails containing fear-inducing narratives to trick recipients into downloading disguised executable files. The impact on healthcare is severe, potentially leading to data breaches, financial losses, and reputational damage due to the sensitive nature of patient data and research. The text suggests that combating this threat requires a multi-layered cybersecurity approach, including advanced monitoring, threat hunting, employee training, and robust endpoint detection and response tools. ... Read More
“Cookie Bite” Entra ID Attack Exposes Microsoft 365

“Cookie Bite” Entra ID Attack Exposes Microsoft 365: A Critical Cloud Security Wake-Up Call

Ravi Jain
“Cookie Bite” attack, a novel method where malicious browser extensions steal authentication cookies like ESTSAUTH and ESTSAUTHPERSISTENT from users of Microsoft 365 and Azure Entra ID. By leveraging these cookies, attackers can bypass Multi-Factor Authentication (MFA) and hijack legitimate sessions, gaining unauthorized access to services like Outlook, Teams, and SharePoint. This attack is particularly dangerous because it operates within the browser and does not require system-level compromise, making it difficult to detect through traditional security measures. The article highlights the risks of this attack, including data exfiltration and internal impersonation, and outlines mitigation strategies such as monitoring risk-based sign-ins, implementing browser-level protections, and limiting session persistence. It also introduces Technijian's security services as a solution to protect against this and similar threats. ... Read More

USAA Pays $3.25 Million to Settle Data Breach Class Action Lawsuit

Ravi Jain
USAA will pay $3.25 million to settle a class-action lawsuit stemming from a 2021 cyberattack that exposed the personal data of over 22,000 customers. While USAA denies any wrongdoing, the settlement aims to avoid further litigation costs. Individuals whose data was compromised and who received notification had until April 7, 2025, to file a claim for a portion of the settlement, the final amount depending on the number of valid claims and deductions. The final approval hearing is set for May 21, 2025, with payments expected to follow. The provided text also includes FAQs about the settlement and promotional content for a cybersecurity company. ... Read More
Alarming Upgrades in Tycoon2FA

Alarming Upgrades in Tycoon2FA: The Evolving Threat to Microsoft 365 Security

Ravi Jain
Emergence and increasing sophistication of Tycoon2FA, a Phishing-as-a-Service platform specifically designed to bypass multi-factor authentication, particularly for Microsoft 365 and Gmail accounts. It highlights new evasion techniques employed by Tycoon2FA, such as invisible Unicode characters, custom CAPTCHAs, and anti-debugging scripts, making it a significant threat. The text also discusses a surge in phishing attacks leveraging malicious SVG files to deliver credential-stealing JavaScript. Finally, it offers recommendations for defense, including blocking SVG attachments, using phishing-resistant MFA, and enhancing employee awareness, while also briefly introducing Technijian as a provider of relevant security services. ... Read More
Oracle Hit by Second Cyberattack

Oracle Hit by Second Cyberattack in a Month: FBI Investigates Stolen Login Data

Ravi Jain
Oracle experienced its second cybersecurity incident within a month, this time involving the theft of customer login credentials, including usernames, encrypted passwords, and passkeys from a legacy system. The FBI has initiated an investigation into this breach, which predominantly affected clients in the healthcare and enterprise sectors using older systems. While Oracle is conducting an internal audit and coordinating with law enforcement, cybersecurity experts have raised concerns about the company's security practices due to the repeated attacks. Affected users are advised to reset passwords and enable multi-factor authentication, as this incident highlights the increasing pressure on tech companies to fortify their digital defenses. The provided text also introduces Technijian, a cybersecurity firm offering services to help organizations protect themselves from such threats. ... Read More