Sensitive Data Sharing Risks Heightened as GenAI Surges
Generative AI applications are now used in 96% of organizations, increasing the risk of sensitive data being shared with these...
News
CISA: Patch Critical GeoServer GeoTools Bug Now
The US Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal government agencies to patch a critical vulnerability in a...
ICO Reprimands London Council for Mass Data Breach
A London Council has been reprimanded for cybersecurity failings that led to a data breach affecting at least 280,000 residents.The...
Understanding NullBulge, the New AI-Fighting ‘Hacktivist’ Group
NullBulge is a new threat actor emerged in Spring 2024, targeting AI-centric applications and games.The group claimed on July 12...
Qilin Ransomware’s Sophisticated Tactics Unveiled By Experts
Security researchers have unveiled more information about the Qilin ransomware group, which recently targeted the healthcare sector with a $50...
Paris 2024 Olympics Face Escalating Cyber-Threats
Cybersecurity analysts have warned of a significant uptick in cyber-threats targeting the upcoming Paris 2024 Olympics. According to a recent report...
North Korean Hackers Update BeaverTail Malware to Target MacOS Users
Cybersecurity researchers have discovered an updated variant of a known stealer malware that attackers affiliated with the Democratic People's Republic...
Critical Vulnerability in GitLab Products
GitLab has released security updates addressing a critical vulnerability (CVE-2024-6385) in their GitLab Community Edition (CE) and Enterprise Edition (EE)...
Critical Vulnerability in Exim Software
Exim has released security updates addressing a critical vulnerability (CVE-2024-39929) in their mail transfer agent (MTA). Successful exploitation of the vulnerability...
FIN7 Group Advertises Security-Bypassing Tool on Dark Web Forums
The financially motivated threat actor known as FIN7 has been observed using multiple pseudonyms across several underground forums to likely...
Navigating Insider Risks: Are your Employees Enabling External Threats?
Attacks on your network are often meticulously planned operations launched by sophisticated threats. Sometimes your technical fortifications provide a formidable...
China-linked APT17 Targets Italian Companies with 9002 RAT Malware
A China-linked threat actor called APT17 has been observed targeting Italian companies and government entities using a variant of a...
Scattered Spider Adopts RansomHub and Qilin Ransomware for Cyber Attacks
The infamous cybercrime group known as Scattered Spider has incorporated ransomware strains such as RansomHub and Qilin into its arsenal,...
Critical Apache HugeGraph Vulnerability Under Attack – Patch ASAP
Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code...
Half of SMEs Unprepared for Cyber-Threats
Around half (49%) of SME IT teams believe they lack the resources and staffing to defend their organization against cyber-threats,...
Kaspersky to Quit US Following Commerce Department Ban
Security vendor Kaspersky is set to wind down its business operations in the US following a Commerce Department decision to...
Two-Fifths of Senior Citizens Suffer Frequent Fraud Attempts
Two-fifths (40%) of elderly adults in the UK experience mostly phone-based fraud attempts on a daily, weekly or monthly basis,...
Hacktivists Claim Leak Over 1 Terabyte of Disney Data
A hacktivist group claims to have stolen and leaked over a terabyte of data from Diseny’s internal slack channels.The 1.1...
Hacktivist Groups Target Romania Amid Geopolitical Tensions
Security researchers have observed increased geopolitical DDoS attacks against Romania.The data comes from recent research conducted by ASERT, which also...
MHTML Exploited By APT Group Void Banshee
Security experts have uncovered a critical remote code execution (RCE) vulnerability, identified as CVE-2024-38112, within the MHTML protocol handler. This vulnerability,...
Iranian MuddyWater Upgrades Arsenal With New Custom Backdoor
MuddyWater, an Iranian threat group, has recently started using a new, tailor-made backdoor to attack IT systems in the Middle...
‘Konfety’ Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins
Details have emerged about a "massive ad fraud operation" that leverages hundreds of apps on the Google Play Store to...
Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks
The Iranian nation-state actor known as MuddyWater has been observed using a never-before-seen backdoor as part of a recent attack...
Threat Prevention & Detection in SaaS Environments – 101
Identity-based threats on SaaS applications are a growing concern among security professionals, although few have the capabilities to detect and...
