Data Breaches in SaaS: Why Two-Thirds of Organizations Are at Risk
Data breaches in SaaS applications are a growing concern, with recent findings showing that one-third of organizations have been victims....
News
WPS Office Zero-Day Exploited by South Korean Cyber Spies
In a new cyber-espionage campaign, a South Korean APT has exploited a WPS Office zero-day vulnerability to deploy a sophisticated...
Money Laundering: The Leading Fraud Type in UK Courts
Money laundering has emerged as the most prevalent type of fraud by value in UK courts, with significant increases in...
MOVEit Data Breach Exposes Personal Data of Over 500,000 TDECU Members
In a major data breach, the MOVEit file transfer software has put the personal data of over half a million...
Microsoft 365 Copilot Vulnerability: User Data Risks Exposed
A recently disclosed vulnerability in Microsoft 365 Copilot has exposed significant risks to user data, raising concerns among organizations worldwide....
Attempted Extortion: IT Engineer Charged for Hacking Former Employer
A former IT engineer is facing serious charges after an alleged plot to extort his previous employer in Missouri. This...
LummaC2 Infostealer: Resurgence of Obfuscated PowerShell Tactics
LummaC2, a potent infostealer malware, has resurfaced with advanced obfuscated PowerShell techniques threatening sensitive data integrity. LummaC2 is an infostealer...
Iranian Hackers Collaborate with Ransomware Groups to Target US Organizations
Iranian hackers have been implicated in aiding ransomware attacks on US organizations, showcasing a concerning trend in cyber espionage. Read...
Tickler Backdoor: New Cyber Threat from Iran-Backed Peach Sandstorm Hackers
The newly identified Tickler backdoor, crafted by the Iran-backed Peach Sandstorm hacking group, poses significant risks to various sectors. Peach...
Ransomware Attacks Expose 6.7 Million Records: The Alarming Trend in US Schools
Ransomware attacks on US schools have dramatically increased, exposing 6.7 million records since 2018. This pressing issue highlights the urgent...
Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations
Between April and July 2024, Microsoft observed Iranian state-sponsored threat actor Peach Sandstorm deploying a new custom multi-stage backdoor, which...
French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform
French prosecutors on Wednesday formally charged CEO Pavel Durov with facilitating a litany of criminal activity on the popular messaging...
Microsoft Edge Multiple Vulnerabilities
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability
Fortra has addressed a critical security flaw impacting FileCatalyst Workflow that could be abused by a remote attacker to gain...
APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw...
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave
The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware...
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source...
New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to...
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute...
Google Chrome Multiple Vulnerabilities
Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
SUSE Linux Kernel Multiple Vulnerabilities
Multiple vulnerabilities were identified in SUSE Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial...
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a...
CTEM in the Spotlight: How Gartner’s New Categories Help to Manage Exposures
Want to know what's the latest and greatest in SecOps for 2024? Gartner's recently released Hype Cycle for Security Operations...
Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors
The China-nexus cyber espionage group tracked as Volt Typhoon has been attributed with moderate confidence to the zero-day exploitation of...
