Blog
EU Cyber Resilience Act May Cause Bottlenecks, Companies Say
Concerns have been raised about the provision in the act that requires software developers to report vulnerabilities within 24 hours, as it may overwhelm cyber agencies and pose security risks.
Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting
The use of a reverse proxy in this phishing campaign allows the attackers to bypass multi-factor authentication (MFA) and gain access to victims' Microsoft 365 accounts, leading to further distribution of phishing emails.
The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization. SOC teams tend to spend about a third of their day on events that don’t pose any threat to their organization, and this has accelerated...
Alert: ‘Effluence’ Backdoor Persists Despite Patching Atlassian Confluence Servers
Cybersecurity researchers have discovered a stealthy backdoor named Effluence that's deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. "The malware acts as a persistent backdoor and is...
Predator AI ChatGPT Integration Poses Risk to Cloud Services
The hacking tool is distributed through Telegram channels linked to hacking communities and focuses on facilitating web application attacks on commonly used technologies.
Iran-Linked Imperial Kitten Cyber Group Targeting Middle East’s Tech Sectors
A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed by CrowdStrike...
UK Shoppers Lost Over $13 Million to Fraud Last Festive Season
While AI tools make fraud campaigns more convincing, users can still protect themselves by being cautious of phishing emails, recognizing warning signs, and following online shopping guidance provided by the NCSC.
NY AG Hits Radiology Group With $450K Fine in SonicWall Hack
The breach was a result of the group failing to apply a firmware patch to fix a zero-day vulnerability in their SonicWall firewall, highlighting the importance of promptly updating and securing computer hardware and systems.
Russian State-Owned Sberbank Hit by 1 Million RPS DDoS Attack
The attack generated one million requests per second (RPS), four times larger than any previous attack on the bank. Sberbank believes that new, highly skilled hackers are targeting major Russian resources.
Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan
Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbed Kamran. The campaign, ESET has discovered,...
FREE GUIDE