Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs
Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of...
News
French Diplomatic Entities Targeted in Russian-Linked Cyber Attacks
State-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country's...
Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021
Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located...
New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration
A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the...
Tool Overload: Why MSPs Are Still Drowning with Countless Cybersecurity Tools in 2024
Highlights Complex Tool Landscape: Explore the wide array of cybersecurity tools used by MSPs, highlighting the common challenge of managing...
Critical Vulnerabilities in ASUS’ Router Products
ASUS has released security updates to address two critical vulnerabilities (CVE-2024-3080 and CVE-2024-3912) in their router products. The vulnerabilities have...
Experts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations
Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations. AT&T...
Cybersecurity Burnout Costing Firms $700m+ Annually
British and US enterprises may be throwing away as much as $756m each year through lost productivity due to burned-out...
G7 to Develop Cybersecurity Framework for Energy Sector
The G7 nations will develop a collective cybersecurity framework for operational technologies in energy systems, aimed at both manufacturers and...
Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw
Crypto exchange Kraken revealed that an unnamed security researcher exploited an "extremely critical" zero-day flaw in its platform to steal...
UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying
The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has...
Critical Vulnerabilities in VMware vCenter Server
VMware has released security updates addressing critical vulnerabilities (CVE-2024-37079 and CVE-2024-37080) affecting their vCenter Server products. The vulnerabilities have a...
Warning: Markopolo’s Scam Targeting Crypto Users via Fake Meeting Software
A threat actor who goes by alias markopolo has been identified as behind a large-scale cross-platform scam that targets digital...
New Case Study: Unmanaged GTM Tags Become a Security Nightmare
Are your tags really safe with Google Tag Manager? If you've been thinking that using GTM means that your tracking...
New Threat Actor ‘Void Arachne’ Targets Chinese Users with Malicious VPN Installers
Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI)...
Mailcow Mail Server Flaws Expose Servers to Remote Code Execution
Two security vulnerabilities have been disclosed in the Mailcow open-source mail server suite that could be exploited by malicious actors...
VMware Discloses Critical Vulnerabilities, Urges Immediate Remediation
VMware has disclosed critical vulnerabilities impacting its VMware vSphere and VMware Cloud Foundation products, urging customers to immediately install updates...
Report Reveals Record Exploitation Rate For Load Balancers
Threat actors are increasingly targeting edge devices known as load balancers, according to new data from Action1 which revealed a...
92% of Organizations Hit by Credential Compromise from Social Engineering Attacks
More than nine in 10 (92%) organizations experienced an average of six credential compromises caused by email-based social engineering attacks...
Quarter of Firms Suffer an API-Related Breach
Digital transformation projects appear to be accelerating faster than organizations’ efforts to secure them, with nearly a quarter (23%) admitting they...
Signal Foundation Warns Against EU’s Plan to Scan Private Messages for CSAM
A controversial proposal put forth by the European Union to scan users' private messages for detection child sexual abuse material...
Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer
Threat actors are luring unsuspecting users with free or pirated versions of commercial software to deliver a malware loader called...
VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi
VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited...
New Malware Targets Exposed Docker APIs for Cryptocurrency Mining
Cybersecurity researchers have uncovered a new malware campaign that targets publicly exposed Docket API endpoints with the aim of delivering...
