Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments
High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor...
News
Syxsense Platform: Unified Security and Endpoint Management
As threats grow and attack surfaces get more complex, companies continue to struggle with the multitude of tools they utilize...
CISA’s KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog,...
Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks
A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to...
Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity
The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity...
Why Healthcare Can’t Afford to Ignore Digital Identity
Investing in digital identity can improve security, increase clinical productivity, and boost healthcare's bottom line. — by Gus Malezis, CEO...
SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms
Cybersecurity researchers have discovered a new information stealer dubbed SYS01stealer targeting critical government infrastructure employees, manufacturing companies, and other sectors....
Why Healthcare Can’t Afford to Ignore Digital Identity
Investing in digital identity can improve security, increase clinical productivity, and boost healthcare's bottom line. — by Gus Malezis, CEO...
Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps
A suspected Pakistan-aligned advanced persistent threat (APT) group known as Transparent Tribe has been linked to an ongoing cyber espionage...
Shein’s Android App Caught Transmitting Clipboard Data to Remote Servers
An older version of Shein's Android application suffered from a bug that periodically captured and transmitted clipboard contents to a...
LastPass Hack: Engineer’s Failure to Update Plex Software Led to Massive Data Breach
The massive breach at LastPass was the result of one of its engineers failing to update Plex on their home...
Core DoppelPaymer ransomware gang members targeted in Europol operation
Europol has announced that law enforcement in Germany and Ukraine targeted two individuals believed to be core members of the...
FTC to ban BetterHelp from sharing mental health data with advertisers
The Federal Trade Commission (FTC) has proposed to ban the online counseling service BetterHelp from sharing its customers’ sensitive mental...
How to prevent Microsoft OneNote files from infecting Windows with malware
The seemingly innocuous Microsoft OneNote file has become a popular file format used by hackers to spread malware and breach...
Securing cloud workloads with Wazuh – an open source, SIEM and XDR platform
Organizations rapidly adopt the cloud as they rely heavily on data and technology to drive their businesses. These organizations utilize...
Old Windows ‘Mock Folders’ UAC bypass used to drop malware
A new phishing campaign targets organizations in Eastern European countries with the Remcos RAT malware with aid from an old...
Sandbox blockchain game breached to send emails linking to malware
The Sandbox blockchain game is warnings its community that a security incident caused some users to receive fraudulent emails impersonating...
New malware infects business routers for data theft, surveillance
An ongoing hacking campaign called 'Hiatus' targets DrayTek Vigor router models 2960 and 3900 to steal data from victims and...
Proof-of-Concept released for critical Microsoft Word RCE bug
A proof-of-concept for CVE-2023-21716, a critical vulnerability in Microsoft Word that allows remote code execution, has been published over the...
From Disinformation to Deep Fakes: How Threat Actors Manipulate Reality
Deep fakes are expected to become a more prominent attack vector. Here's how to identify them. What are Deep Fakes?#...
New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on Victims
A never-before-seen complex malware is targeting business-grade routers to covertly spy on victims in Latin America, Europe, and North America...
Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine
Law enforcement authorities from Germany and Ukraine have targeted suspected core members of a cybercrime group that has been behind...
Experts Reveal Google Cloud Platform’s Blind Spot for Data Exfiltration Attacks
Malicious actors can take advantage of "insufficient" forensic visibility into Google Cloud Platform (GCP) to exfiltrate sensitive data, a new...
Experts Discover Flaw in U.S. Govt’s Chosen Quantum-Resistant Encryption Algorithm
A group of researchers has revealed what it says is a vulnerability in a specific implementation of CRYSTALS-Kyber, one of...
