OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers
French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service (DDoS) attack in April 2024 that reached a...
News
Webinar Alert: Learn How ITDR Solutions Stop Sophisticated Identity Attacks
Identity theft isn't just about stolen credit cards anymore. Today, cybercriminals are using advanced tactics to infiltrate organizations and cause...
GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks
The malware known as GootLoader continues to be in active use by threat actors looking to deliver additional payloads to...
Blueprint for Success: Implementing a CTEM Operation
The attack surface isn't what it once was and it's becoming a nightmare to protect. A constantly expanding and evolving...
Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies
The supply chain attack targeting widely-used Polyfillio JavaScript library is wider in scope than previously thought, with new findings from...
New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks
Cybersecurity researchers have uncovered a new botnet called Zergeca that's capable of conducting distributed denial-of-service (DDoS) attacks. Written in Golang,...
Cisco NX-OS Remote Code Execution Vulnerability
A vulnerability has been identified in Cisco NX-OS. A remote attacker could exploit some of these vulnerabilities to trigger denial...
OpenSSH Remote Code Execution Vulnerability
A vulnerability was identified in OpenSSH. A remote attacker could exploit this vulnerability to trigger remote code execution on the...
Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus
Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to...
Brazil Halts Meta’s AI Data Processing Amid Privacy Concerns
Brazil's data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users' personal data...
Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike
A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and...
Twilio’s Authy App Breach Exposes Millions of Phone Numbers
Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify...
APP Fraud Singled Out as Biggest Financial Crime Threat
Two-thirds (65%) of payments professionals see fraud as their most urgent financial crime threat, with authorized push payment (APP) scams...
Dozens of Arrests Disrupt €2.5m Vishing Gang
Spanish and Portuguese police have arrested 54 individuals suspected of participating in a massive vishing fraud scheme that has already...
New RUSI Report Exposes Psychological Toll of Ransomware, Urges Action
Beyond the headlines of stolen data and financial losses, a new report has shed light on the silent struggle of...
WordPress Plugins at Risk From Polyfill Library Compromise
WordPress plugins are currently facing significant security risks due to a recent discovery detailed in a security advisory published by...
Half of Employees Fear Punishment for Reporting Security Mistakes
Half of employees fear repercussions from their organization if they report a security mistake, according to a report by ThinkCyber,...
Cyber Extortion Soars: SMBs Hit Four Times Harder
Cyber extortion continues to proliferate with an unprecedented number of threat actors and a 77% year-on-year growth in cyber extortion...
Microsoft Uncovers Major Flaws in Rockwell PanelView Plus
Microsoft’s cybersecurity team has uncovered two significant vulnerabilities in Rockwell Automation’s PanelView Plus, a type of human-machine interface (HMI) widely...
The Emerging Role of AI in Open-Source Intelligence
Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred...
Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool
Unknown threat actors have been observed exploiting a now-patched security flaw in Microsoft MSHTML to deliver a surveillance tool called...
Vulnerabilities in PanelView Plus devices could lead to remote code execution
Microsoft discovered and responsibly disclosed two vulnerabilities in Rockwell Automation PanelView Plus that could be remotely exploited by unauthenticated attackers,...
FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks
The loader-as-a-service (LaaS) known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by...
Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks
Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver. The...
