Webinar – Making PAM Great Again: Solving the Top 5 Identity Team PAM Challenges
Privileged Access Management (PAM) solutions are widely acknowledged as the gold standard for securing critical privileged accounts. However, many security...
News
Major Cybersecurity Agencies Collaborate to Unveil 2022’s Most Exploited Vulnerabilities
A four-year-old critical security flaw impacting Fortinet FortiOS SSL has emerged as one of the most routinely and frequently exploited...
FBI, CISA, and NSA reveal top exploited vulnerabilities of 2022
In collaboration with CISA, the NSA, and the FBI, Five Eyes cybersecurity authorities have issued today a list of the...
Chrome malware Rilide targets enterprise users via PowerPoint guides
The malicious Rilide Stealer Chrome browser extension has returned in new campaigns targeting crypto users and enterprise employees to steal...
US govt contractor Serco discloses data breach after MoveIT attacks
Serco Inc, the Americas division of multinational outsourcing company Serco Group, has disclosed a data breach after attackers stole the...
New Microsoft Azure AD CTS feature can be abused for lateral movement
Microsoft's new Azure Active Directory Cross-Tenant Synchronization (CTS) feature, introduced in June 2023, has created a new potential attack surface...
Hacktivists fund their operations using common cybercrime tactics
Hacktivist groups that operate for political or ideological motives employ a broad range of funding methods to support their operations....
Brave Search adds private image and video search capability
The privacy-focused search engine Brave Search has finally introduced its own, independent image and video search capabilities, breaking free from...
Hackers can abuse Microsoft Office executables to download malware
The list of LOLBAS files - legitimate binaries and scripts present in Windows that can be abused for malicious purposes,...
Manufacturing Sector Reeling From Financial Costs of Ransomware
The enormous global costs of ransomware attacks on the manufacturing sector have been laid bare in a new analysis by...
Ivanti Discloses Yet Another Critical Flaw
Security vendor Ivanti has disclosed yet another critical vulnerability in its products, linked to a previous zero-day that was exploited...
Menlo Leverages Advanced Technology to Combat Surging Browser Threats
With the deployment of software-as-a-service tools, like Workday and Salesforce to name a few, workers are now spending more time...
Cocaine Smugglers that Posed as PC Sellers Jailed
Several members of an organized crime group (OGC) have been sentenced after police secretly monitored tens of thousands of messages...
Hundreds of Citrix Endpoints Compromised With Webshells
Around 600 global Citrix servers have been compromised by a zero-day exploit enabling webshells to be installed, according to a non-profit...
Humans Unable to Reliably Detect Deepfake Speech
Humans cannot detect deepfake speech 27% the time, researchers from University College London (UCL) have found during a recent study.The...
Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks
Microsoft Threat Intelligence has recently detected a series of highly targeted social engineering attacks employing credential theft phishing lures delivered...
Hacktivist Collective “Mysterious Team Bangladesh” Revealed
Threat intelligence experts from Group-IB have shed light on the hacktivist collective known as Mysterious Team Bangladesh.In a report published...
Cisco Talos Discusses Flaws in SOHO Routers Post-VPNFilter
Cisco Talos has published a list of numerous vulnerabilities in small and home office (SOHO) and industrial wireless routers.In their...
Cyber-Attacks Targeting Government Agencies Increase 40%
Cyber-attacks against government agencies and public sector services are up 40% in the second quarter of 2023 compared to the...
US-CERT Vulnerability Summary for the Week of July 24, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infobiltay_technology -- scienta Improper Neutralization of Special Elements used in an SQL...
Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners
Threat actors are leveraging a technique called versioning to evade Google Play Store's malware detections and target Android users. "Campaigns...
Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack
Hundreds of Citrix NetScaler ADC and Gateway servers have been breached by malicious actors to deploy web shells, according to...
A Penetration Testing Buyer’s Guide for IT Security Teams
The frequency and complexity of cyber threats are constantly evolving. At the same time, organizations are now collecting sensitive data...
New Version of Rilide Data Theft Malware Adapts to Chrome Extension Manifest V3
Cybersecurity researchers have discovered a new version of malware called Rilide that targets Chromium-based web browsers to steal sensitive data...
