Are you sure you want to leave? You’re just one step away from your free network consultation (valued at $495).
Blog
A Sherlock Holmes Approach to Cybersecurity: Eliminate the Impossible with Exposure Validation
Sherlock Holmes is famous for his incredible ability to sort through mounds of information; he removes the irrelevant and exposes the hidden truth. His philosophy is plain yet brilliant: “When you have eliminated the impossible, whatever remains, however improbable,...
U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing
The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle the threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. "The USG follows TLP...
New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors
More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers...
Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services
A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. "The CloudScout toolset is capable of...
BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers
Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign tracked as Contagious Interview. The...
Russian Espionage Group Targets Ukrainian Military with Malware via Telegram
A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google's Threat Analysis Group (TAG) and Mandiant are tracking the...
THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 – Oct 27)
Cybersecurity news can sometimes feel like a never-ending horror movie, can't it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, international espionage, and AI...
Sailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and Cranes
Operational Technology (OT) security has affected marine vessel and port operators, since both ships and industrial cranes are being digitalized and automated at a rapid pace, ushering in new types of security challenges. Ships come to shore every six months on...
Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials
Cybersecurity researchers have warned of a spike in phishing pages created using a website builder tool called Webflow, as threat actors continue to abuse legitimate services like Cloudflare and Microsoft Sway to their advantage. "The campaigns target sensitive...
Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel
A new attack technique could be used to bypass Microsoft's Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. "This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom...
FREE GUIDE
The Ultimate Guide To IT Support Services And Fees
What You Should Expect To Pay For IT Support For Your Small Business (And How To Get Exactly What You Need Without Unnecessary Extras, Hidden Fees And Excessive Contracts)
