Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack
Cisco on Wednesday rolled out security updates to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and...
News
Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware
Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader...
BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11
A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing...
Gmail and Google Calendar Now Support Client-Side Encryption (CSE) to Boost Data Privacy
Google has announced the general availability of client-side encryption (CSE) for Gmail and Calendar, months after piloting the feature in...
CISOs Are Stressed Out and It’s Putting Companies at Risk
Employee well-being has become a primary focus for many businesses. Even before the pandemic, the C-suite was acutely aware of...
Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques
Cryptocurrency companies are being targeted as part of a new campaign that delivers a remote access trojan called Parallax RAT....
New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises
A new post-exploitation framework called EXFILTRATOR-22 (aka EX-22) has emerged in the wild with the goal of deploying ransomware within...
Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain
Romanian cybersecurity company Bitdefender has released a free decryptor for a new ransomware strain known as MortalKombat. MortalKombat is a...
Application Security vs. API Security: What is the difference?
As digital transformation takes hold and businesses become increasingly reliant on digital services, it has become more important than ever...
APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia
The threat actor known as Blind Eagle has been linked to a new campaign targeting various key industries in Colombia....
CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw affecting the ZK Framework to its Known...
LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults
LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said...
How to Tackle the Top SaaS Challenges of 2023
Are you prepared to tackle the top SaaS challenges of 2023? With high-profile data breaches affecting major companies like Nissan...
Researchers Share New Insights Into RIG Exploit Kit Malware’s Operations
The RIG exploit kit (EK) touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal....
Shocking Findings from the 2023 Third-Party App Access Report
Spoiler Alert: Organizations with 10,000 SaaS users that use M365 and Google Workspace average over 4,371 additional connected apps. SaaS-to-SaaS...
PureCrypter Malware Targets Government Entities in Asia-Pacific and North America
Government entities in Asia-Pacific and North America are being targeted by an unknown threat actor with an off-the-shelf malware downloader...
ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks
A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk (VHD) files, marking a deviation from...
PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks
The PlugX remote access trojan has been observed masquerading as an open source Windows debugger tool called x64dbg in an...
How to Tackle the Top SaaS Challenges of 2023
Are you prepared to tackle the top SaaS challenges of 2023? With high-profile data breaches affecting major companies like Nissan...
How to Tackle the Top SaaS Challenges of 2023
Are you prepared to tackle the top SaaS challenges of 2023? With high-profile data breaches affecting major companies like Nissan...
Dutch Police Arrest 3 Hackers Involved in Massive Data Theft and Extortion Scheme
The Dutch police announced the arrest of three individuals in connection with a "large-scale" criminal operation involving data theft, extortion,...
NSA shares guidance on how to secure your home network
The U.S. National Security Agency (NSA) has issued guidance to help remote workers secure their home networks and defend their...
VMware warns admins of critical Carbon Black App Control flaw
VMware has released a critical security upgrade to address a critical injection vulnerability that impacts several versions of Carbon Black...
New S1deload Stealer malware hijacks Youtube, Facebook accounts
An ongoing malware campaign targets YouTube and Facebook users, infecting their computers with a new information stealer that will hijack...
