Blog
Reimagining Network Pentesting With Automation
Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process, which impacts their security posture and decision-making. This blog acts...
Red Roof Hotels Claims Cybersecurity Incident Did Not Involve Guest Data
Hotel company Red Roof experienced a ransomware attack in September, but fortunately, no guest data was compromised. The attack was detected when suspicious activity was noticed, leading to the discovery of ransomware.
Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks
Threat actors affiliated with the Russian Foreign Intelligence Service (SVR) have targeted unpatched JetBrains TeamCity servers in widespread attacks since September 2023. The activity has been tied to a nation-state group known as APT29, which is also tracked as...
Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally
The Russian SVR cyber actors are exploiting a vulnerability in JetBrains TeamCity software to gain access to software developers' networks and potentially conduct supply chain operations.
EU’s Internet Reforms Will Undermine a Decade of Advances in Online Security
The proposed eIDAS 2.0 bill in the European Union threatens online privacy and security by revoking web browsers' ability to independently test the authenticity and trustworthiness of certificate authorities.
Update: Hackers are Exploiting Critical Apache Struts Flaw Using Public PoC
Hackers are actively exploiting a critical vulnerability in Apache Struts that allows for remote code execution, potentially leading to unauthorized access, data theft, and network disruption.
Silent, Yet Powerful Pandora hVNC, The Popular Cybercrime Tool That Flies Under the Radar
Pandora hVNC is a widely used remote access trojan (RAT) that allows cybercriminals to gain covert control over victims' computers, enabling activities like data theft and unauthorized access to sensitive systems.
New Hacker Group ‘GambleForce’ Tageting APAC Firms Using SQL Injection Attacks
A previously unknown hacker outfit called GambleForce has been attributed to a series of SQL injection attacks against companies primarily in the Asia-Pacific (APAC) region since at least September 2023. "GambleForce uses a set of basic yet very effective techniques,...
Update: Credit Union Operations Restored After Tech Supplier Ransomware Attack
The NCUA has been in contact with the affected financial institutions and helped them get their systems back online. The attack, which was caused by ransomware, affected credit unions using cloud services provided by Ongoing Operations.
Microsoft Takes Legal Action to Crack Down on Storm-1152’s Cybercrime Network
Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that peddled roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal...
FREE GUIDE