Webinar: Kickstarting Your SaaS Security Strategy & Program
SaaS applications make up 70% of total company software usage, and as businesses increase their reliance on SaaS apps, they...
News
N. Korea’s BlueNoroff Blamed for Hacking macOS Machines with ObjCShellz Malware
The North Korea-linked nation-state group called BlueNoroff has been attributed to a previously undocumented macOS malware strain dubbed ObjCShellz. Jamf...
New GootLoader Malware Variant Evades Detection and Spreads Rapidly
A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and...
Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws
Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7...
Offensive and Defensive AI: Let’s Chat(GPT) About It
ChatGPT: Productivity tool, great for writing poems, and… a security risk?! In this article, we show how threat actors can...
Experts Expose Farnetwork’s Ransomware-as-a-Service Business Model
Cybersecurity researchers have unmasked a prolific threat actor known as farnetwork, who has been linked to five different ransomware-as-a-service (RaaS)...
Confidence in File Upload Security is Alarmingly Low. Why?
Numerous industries—including technology, financial services, energy, healthcare, and government—are rushing to incorporate cloud-based and containerized web applications. The benefits are...
Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now
Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which...
SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities
The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting...
Migrating to post-quantum cryptography
Migrating to post-quantum cryptography In 2020, the NCSC published a white paper on https://www.ncsc.gov.uk/whitepaper/next-steps-preparing-for-post-quantum-cryptography" target="_self">Preparing for Quantum-Safe Cryptography. This paper...
Iranian Hackers Launch Destructive Cyber Attacks on Israeli Tech and Education Sectors
Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced...
Cybercrime service bypasses Android security to install malware
A new dropper-as-a-service (DaaS) cybercrime operation named 'SecuriDropper' has emerged, using a method that bypasses the 'Restricted Settings' feature in Android...
QNAP warns of critical command injection flaws in QTS OS, apps
QNAP Systems published security advisories for two critical command injection vulnerabilities that impact multiple versions of the QTS operating system...
Critical Atlassian Confluence bug exploited in Cerber ransomware attacks
Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber...
TellYouThePass ransomware joins Apache ActiveMQ RCE attacks
Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution (RCE) vulnerability previously...
Hackers exploit Looney Tunables Linux bug, steal cloud creds
The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified...
Veeam warns of critical bugs in Veeam ONE monitoring platform
Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two...
US sanctions Russian who laundered money for Ryuk ransomware affiliate
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for laundering millions...
Samsung Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Samsung Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of...
Security Agency Publishes Post-Quantum Guidance For Firms
The UK’s National Cyber Security Centre (NCSC) has released more information designed to help organizations migrate their systems to post-quantum...
Okta Breach Hit Over 130 Customers
A security breach at identity and access management (IAM) specialist Okta impacted over 130 of its customers, a handful of...
Russian National Sanctioned For Virtual Currency Money Laundering
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned a Russian national for her involvement...
Spy Trojan SpyNote Unveiled in Attacks on Gamers
The SpyNote Trojan, camouflaged as a mod for the game Roblox, has been observed targeting Android users. This mobile malware can...
US, Japan and South Korea Unite to Counter North Korean Cyber Activities
The US, Japan and South Korea have established a high-level consultative body designed to counter North Korea’s cyber activities.A key...
