Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain
Pathology services provider Synnovis has rebuilt “substantial parts” of its systems since the ransomware attack on June 3, 2024, restoring...
News
Despite Bans, AI Code Tools Widespread in Organizations
Organizations are concerned about security threats stemming from developers using AI, according to a new Checkmarx report.The cloud-native application security...
This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps
A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS)...
Offensive AI: The Sine Qua Non of Cybersecurity
"Peace is the virtue of civilization. War is its crime. Yet it is often in the furnace of war that...
U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals
The U.S. Department of Justice (DoJ) on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly...
Onyx Sleet uses array of malware to gather intelligence for North Korea
On July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat...
Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk
Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw...
Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining
Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining....
CrowdStrike Warns of New Phishing Scam Targeting German Customers
CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious...
Malware Attacks Surge 30% in First Half of 2024
Malware-based threats surged in the first half of 2024, up by 30% compared to the same period in 2023, according...
Most IT Leaders Say Severity of Cyber-Attacks has Increased
Nine in 10 of IT leaders have said that the risk and severity of cyber-attacks has increased over the past...
6 Types of Applications Security Testing You Must Know About
While the specifics for security testing vary for applications, web applications, and APIs, a holistic and proactive applications security strategy...
North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the...
Meta Removes 63,000 Instagram Accounts Linked to Nigerian Sextortion Scams
Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to...
Researchers Reveal ConfusedFunction Vulnerability in Google Cloud Platform
Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit...
Webinar: Securing the Modern Workspace: What Enterprises MUST Know about Enterprise Browser Security
The browser is the nerve center of the modern workspace. Ironically, however, the browser is also one of the least...
New Chrome Feature Scans Password-Protected Files for Malicious Content
Google said it's adding new security warnings when downloading potentially suspicious and malicious files via its Chrome web browser. "We...
Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins
Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep...
CISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS Software
The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND)...
CrowdStrike Shares How a Rapid Response Content Update Caused Global Outage
Read more coverage on the CrowdStrike IT outage: CrowdStrike Fault Causes Global IT Outages Cybercriminals Exploit CrowdStrike Outage ChaosCrowdStrike has...
North Korean Hackers Targeted Cybersecurity Firm KnowBe4 with Fake IT Worker
Cybersecurity awareness training company KnowBe4 has revealed it was duped into hiring a fake IT worker from North Korea, resulting...
Google Criticized for Abandoning Cookie Phase-Out
Google has been criticized for its decision to abandon plans to phase out third-party cookies in the Chrome browser, with...
Multiple Vulnerabilities Affecting LangChain Gen AI
Palo Alto Networks researchers have identified two vulnerabilities (CVE-2023-46229 and CVE-2023-44467) in LangChain, a popular open source generative AI framework...
How a Trust Center Solves Your Security Questionnaire Problem
Security questionnaires aren't just an inconvenience — they're a recurring problem for security and sales teams. They bleed time from...
