There is a Ransomware Armageddon Coming for Us All
Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising...
News
Active Exploitation of Zero Day Vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure Gateways
Ivanti has disclosed two zero-day vulnerabilities (CVE-2023-46805 and CVE-2024-21887) that are being actively exploited. The vulnerabilities are:- CVE-2023-46805: Successful exploitation of...
Mandiant’s X Account Was Hacked Using Brute-Force Attack
The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing...
Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked...
Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to...
Shinyhunters Member Gets 3 Years In Prison For Breaching 60 Firms
The U.S. District Court in Seattle sentenced ShinyHunters member Sebastien Raoult to three years in prison and ordered a restitution...
Pro Ukraine Hackers Breach Russian Isp In Revenge For Kyivstar Attack
A pro-Ukraine hacktivist group named ‘Blackjack’ has claimed a cyberattack against Russian provider of internet services M9com as a direct...
Fidelity National Financial Hackers Stole Data Of 13 Million People
Fidelity National Financial (FNF) has confirmed that a November cyberattack (claimed by the BlackCat ransomware gang) has exposed the data...
Fake 401k Year End Statements Used To Steal Corporate Credentials
Threat actors are using communication about personal pension accounts (the 401(k) plans in the U.S.), salary adjustments, and performance reports...
Windows 10 Kb5034441 Security Update Fails With 0x80070643 Errors
Windows 10 users worldwide report problems installing Microsoft's January Patch Tuesday updates, getting 0x80070643 errors when attempting to install the...
Mandiants X Account Hacked By Crypto Drainer As A Service Gang
Cybersecurity firm and Google subsidiary Mandiant says its Twitter/X account was hijacked last week by a Drainer-as-a-Service (DaaS) gang in what it...
Ivanti Warns Of Connect Secure Zero Days Exploited In Attacks
Ivanti has disclosed two Connect Secure (ICS) and Policy Secure zero-days exploited in the wild that can let remote attackers...
Cisco Says Critical Unity Connection Bug Lets Attackers Get Root
Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched...
Ukrainian “Blackjack” Hackers Take Out Russian ISP
A hacking group linked to Ukraine’s main spy agency the SBU has launched a destructive cyber-attack against a Moscow ISP...
Microsoft Fixes 12 RCE Bugs in January Patch Tuesday
Microsoft has begun the year with patches for a near-half century of CVEs, although there were no zero-day bugs addressed...
Cyber Insecurity and Misinformation Top WEF Global Risk List
The latest World Economic Forum Global Risks Report 2024 highlighted the rising tide of cyber threats and places misinformation and...
Cyber Insurance Market to be Worth Over $90bn by 2033
The global cyber insurance market is projected to be worth $90.6bn by 2033, at a growth rate of 22.3% CAGR...
Malware Takedowns Show Progress, But Fight Against Cybercrime Not Over
Takedown of malware infrastructure by law enforcement has proven to have an impact, albeit limited, on cybercriminal activity, according to...
Only 4% of US States Fully Prepared for Cyber-Attacks Targeting Elections
Read more about cyber-threats to the 2024 US elections: Can We Protect the Ballot Box? Global Guide to Election Cyber...
Jan 2024 Monthly Patch
Microsoft has released security patches to address multiple vulnerabilities in their software and products.The vulnerabilities that have been classified as...
NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining
A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since...
Free Decryptor Released for Black Basta and Babuk’s Tortilla Ransomware Victims
A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by...
Getting off the Attack Surface Hamster Wheel: Identity Can Help
IT professionals have developed a sophisticated understanding of the enterprise attack surface – what it is, how to quantify it...
Microsoft’s January 2024 Windows Update Patches 48 New Vulnerabilities
Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for...
