Telegram Agrees to Share User Data With Authorities for Criminal Investigations
In a major policy reversal, the popular messaging app Telegram has announced it will give users' IP addresses and phone...
News
US-CERT Vulnerability Summary for the Week of September 16, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
THN Cybersecurity Recap: Last Week’s Top Threats and Trends (September 16-22)
Hold on tight, folks, because last week's cybersecurity landscape was a rollercoaster! We witnessed everything from North Korean hackers dangling...
Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware
A suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in...
Why ‘Never Expire’ Passwords Can Be a Risky Decision
Password resets can be frustrating for end users. Nobody likes being interrupted by the 'time to change your password' notification...
Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls
Popular social messaging platform Discord has announced that it's rolling out a new custom end-to-end encrypted (E2EE) protocol to secure...
New PondRAT Malware Hidden in Python Packages Targets Software Developers
Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a...
Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk
A critical security flaw has been disclosed in the Microchip Advanced Software Framework (ASF) that, if successfully exploited, could lead...
LinkedIn Halts AI Data Processing in U.K. Amid Privacy Concerns Raised by ICO
The U.K. Information Commissioner's Office (ICO) has confirmed that professional social networking platform LinkedIn has suspended processing users' data in...
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber...
Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now...
Ukraine Bans Telegram Use for Government and Military Personnel
Ukraine has restricted the use of the Telegram messaging app by government officials, military personnel, and other defense and critical...
LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO
The U.K. Information Commissioner's Office (ICO) has confirmed that professional social networking platform LinkedIn has suspended processing users' data in...
Passwordless AND Keyless: The Future of (Privileged) Access Management
In IT environments, some secrets are managed well and some fly under the radar. Here's a quick checklist of what...
Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials
Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen...
Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the...
Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature
Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux,...
Wherever There’s Ransomware, There’s Service Account Compromise. Are You Protected?
Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the...
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from...
New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails
A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected...
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS)...
Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector
Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the...
Healthcare’s Diagnosis is Critical: The Cure is Cybersecurity Hygiene
Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is...
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result...
