There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack, requiring the victim’s username and password, and physical access to their YubiKey—as well as some technical expertise and equipment.
Still, nice piece of security analysis.
Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor
The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of
Lots of details that are beyond me. Blog moderation policy.
The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asyncshell. The attack