Are you sure you want to leave? You’re just one step away from your free network consultation (valued at $495).
Blog
Hackers Repurpose RansomHub’s EDRKillShifter in Medusa, BianLian, and Play Attacks
A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of a custom tool that's designed to disable endpoint detection and response (EDR) software on...
APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware
An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country....
New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It
Whether it’s CRMs, project management tools, payment processors, or lead management tools - your workforce is using SaaS applications by the pound. Organizations often rely on traditional CASB solutions for protecting against malicious access and data exfiltration,...
Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert!
Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far from outdated. From phishing schemes to zero-click exploits, malicious Office files are still one of the easiest ways into a victim’s system. Here are...
150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms
An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to date. "The threat actor has slightly revamped their interface but is...
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The...
NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems
A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation. SnapCenter is an enterprise-focused software that's used to manage data protection across applications, databases, virtual machines, and...
New SparrowDoor Backdoor Variants Found in Attacks on U.S. and Mexican Organizations
The Chinese threat actor known as FamousSparrow has been linked to a cyber attack targeting a trade group in the United States and a research institute in Mexico to deliver its flagship backdoor SparrowDoor and ShadowPad. The activity, observed in July 2024, marks the...
EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware
The threat actor known as EncryptHub exploited a recently-patched security vulnerability in Microsoft Windows as a zero-day to deliver a wide range of malware families, including backdoors and information stealers such as Rhadamanthys and StealC. "In this attack, the...
RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
The Russian-speaking hacking group called RedCurl has been linked to a ransomware campaign for the first time, marking a departure in the threat actor's tradecraft. The activity, observed by Romanian cybersecurity company Bitdefender, involves the deployment of a...
FREE GUIDE
The Ultimate Guide To IT Support Services And Fees
What You Should Expect To Pay For IT Support For Your Small Business (And How To Get Exactly What You Need Without Unnecessary Extras, Hidden Fees And Excessive Contracts)
