Critical Vulnerability in Palo Alto Networks Expedition Migration Tool
Palo Alto Networks has released security updates addressing a critical vulnerability (CVE-2024-5910) in their Expedition migration tool.Successful exploitation of the...
News
Ever Wonder How Hackers Really Steal Passwords? Discover Their Tactics in This Webinar
In today's digital age, passwords serve as the keys to our most sensitive information, from social media accounts to banking...
U.S. Seizes Domains Used by AI-Powered Russian Bot Farm for Disinformation
The U.S. Department of Justice (DoJ) said it seized two internet domains and searched nearly 1,000 social media accounts that...
Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments
A critical security issue has been disclosed in the Exim mail transfer agent that could enable threat actors to deliver...
Fraud Campaign Targets Russians with Fake Olympics Tickets
A broad network of 708 fraudulent web domains is being used to sell fake sporting and musical events tickets, primarily...
Huione Guarantee Marketplace Exposed as Front for Cybercrime
Cryptocurrency investigators have claimed a popular online marketplace in South-East Asia is actually being used primarily by money launderers and...
Ransomware Surges Annually Despite Law Enforcement Takedowns
The number of successful ransomware attacks advertised on leak sites increased 9% year-on-year (YoY) in the first quarter of 2024...
CISA Urges Software Makers to Eliminate OS Command Injection Vulnerabilities
The US government has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities.The alert...
High-Severity Vulnerability Affecting Microsoft Outlook
Microsoft has released security updates to address a high-severity vulnerability (CVE-2024-38021) in their Outlook applications.Successful exploitation of the vulnerability could...
Chinese APT41 Upgrades Malware Arsenal with DodgeBox and MoonWalk
The China-linked advanced persistent threat (APT) group codenamed APT41 is suspected to be using an "advanced and upgraded version" of...
60 New Malicious Packages Uncovered in NuGet Supply Chain Attack
Threat actors have been observed publishing a new wave of malicious packages to the NuGet package manager as part of...
Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool
Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that...
Streamlined Security Solutions: PAM for Small to Medium-sized Businesses
Today, all organizations are exposed to the threat of cyber breaches, irrespective of their scale. Historically, larger companies were frequent...
New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign
Spanish language victims are the target of an email phishing campaign that delivers a new remote access trojan (RAT) called...
PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks
Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency...
High-Severity Vulnerability in VMware Aria Automation Product
VMware has released security updates to address a high-severity vulnerability (CVE-2024-22280) in their Aria Automation product.Successful exploitation of this structured...
GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs
GitLab has shipped another round of updates to close out security flaws in its software development platform, including a critical...
Most Security Pros Admit Shadow SaaS and AI Use
Almost three-quarters (73%) of cybersecurity professionals have used unsanctioned apps including AI in the past year, according to a new...
Microsoft Fixes Four Zero-Days in July Patch Tuesday
Sysadmins have a busy time ahead this month after Microsoft issued updates for over 140 CVEs, including four zero-day vulnerabilities.The...
Russian Media Uses AI-Powered Software to Spread Disinformation
Russian state-sponsored media organization RT, formerly Russia Today, has used AI-powered software to create authentic-looking social media personas en masse...
Ransomware Groups Prioritize Defense Evasion for Data Exfiltration
Ransomware attackers are applying a significant focus on defense evasion tactics to increase dwell time in victim networks, according to...
Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability
Security researchers have uncovered a critical vulnerability, CVE-2024-38021, affecting most Microsoft Outlook applications. This zero-click remote code execution (RCE) vulnerability, now...
Smishing Triad Targets India with Fraud Surge
A recent surge in fraudulent smishing attacks impersonating India Post, the government-operated postal system, has prompted warnings from Indian authorities...
New Ransomware Group Exploiting Veeam Backup Software Vulnerability
A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as...
