Where SSO Falls Short in Protecting SaaS
Single sign-on (SSO) is an authentication method that allows users to authenticate their identity for multiple applications with just one...
News
President Biden Signs Executive Order Restricting Use of Commercial Spyware
U.S. President Joe Biden on Monday signed an executive order that restricts the use of commercial spyware by federal government...
Stealthy DBatLoader Malware Loader Spreading Remcos RAT and Formbook in Europe
A new phishing campaign has set its sights on European entities to distribute Remcos RAT and Formbook via a malware...
Where SSO Falls Short in Protecting SaaS
Single sign-on (SSO) is an authentication method that allows users to authenticate their identity for multiple applications with just one...
Breaking the Mold: Pen Testing Solutions That Challenge the Status Quo
Malicious actors are constantly adapting their tactics, techniques, and procedures (TTPs) to adapt to political, technological, and regulatory changes quickly....
New MacStealer macOS malware steals passwords from iCloud Keychain
A new info-stealing malware named MacStealer is targeting Mac users, stealing their credentials stored in the iCloud KeyChain and web browsers,...
New IcedID variants shift from bank fraud to malware delivery
New IcedID variants have been found without the usual online banking fraud functionality and instead focus on installing further malware...
Hackers earn $1,035,000 for 27 zero-days exploited at Pwn2Own Vancouver
Pwn2Own Vancouver 2023 has ended with contestants earning $1,035,000 and a Tesla Model 3 car for 27 zero-day (and several...
Twitter takes down source code leaked online, hunts for downloaders
Twitter has taken down internal source code for its platform and tools that was leaked on GitHub for months. Now it's...
Exchange Online to block emails from vulnerable on-prem servers
Microsoft is introducing a new Exchange Online security feature that will automatically start throttling and eventually block all emails sent...
Apple Issues Urgent Security Update for Older iOS and iPadOS Models
Apple on Monday backported fixes for an actively exploited security flaw to older iPhone and iPad models. The issue, tracked...
Where SSO Falls Short in Protecting SaaS
Single sign-on (SSO) is an authentication method that allows users to authenticate their identity for multiple applications with just one...
US-CERT Vulnerability Summary for the Week of March 13, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison
Conor Brian Fitzpatrick, the 20-year-old founder and the administrator of the now-defunct BreachForums has been formally charged in the U.S....
Where SSO Falls Short in Protecting SaaS
Single sign-on (SSO) is an authentication method that allows users to authenticate their identity for multiple applications with just one...
Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools
Microsoft has released an out-of-band update to address a privacy-defeating flaw in its screenshot editing tool for Windows 10 and...
Where SSO Falls Short in Protecting SaaS
Single sign-on (SSO) is an authentication method that allows users to authenticate their identity for multiple applications with just one...
New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords
A new information-stealing malware has set its sights on Apple's macOS operating system to siphon sensitive information from compromised devices....
FBI: Business email compromise tactics used to defraud U.S. vendors
The Federal Bureau of Investigation is warning companies in the U.S. of threat actors using tactics similar to business email...
Emotet malware distributed as fake W-9 tax forms from the IRS
A new Emotet phishing campaign is targeting U.S. taxpayers by impersonating W-9 tax forms allegedly sent by the Internal Revenue...
US-CERT Vulnerability Summary for the Week of March 13, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
New Dark Power ransomware claims 10 victims in its first month
A new ransomware operation named 'Dark Power' has appeared, and it has already listed its first victims on a dark...
Inaudible ultrasound attack can stealthily control your phone, smart speaker
American university researchers have developed a novel attack called "Near-Ultrasound Inaudible Trojan" (NUIT) that can launch silent attacks against devices...
Russia’s Rostec allegedly can de-anonymize Telegram users
Russia's Rostec has reportedly bought a platform that allows it to uncover the identities of anonymous Telegram users, likely to...
