With skilled CISOs in short supply, service providers are turning to virtual CISOs. A new eBook by Cynomi explains how service providers/MSPs can quickly and easily expand vCISO service offerings to their customers. […]
Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords
Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim’s web browser and steal sensitive information from their account under specific circumstances.
“When a victim views a malicious email in Roundcube sent by an attacker, the attacker can execute arbitrary JavaScript in the victim’s
“When a victim views a malicious email in Roundcube sent by an attacker, the attacker can execute arbitrary JavaScript in the victim’s
Scamnetic Emerges From Stealth With AI-Based Scam Detection Solution
Scamnetic emerges from stealth mode with an AI-based scam detection solution and over $1 million in pre-seed funding.
The post Scamnetic Emerges From Stealth With AI-Based Scam Detection Solution appeared first on SecurityWeek.
Secure by Default: What It Means for the Modern Enterprise
What does “secure by default” mean for the average company as you implement security systems and protocols?
The post Secure by Default: What It Means for the Modern Enterprise appeared first on SecurityWeek.
Ransomware in 2024: More Attacks, More Leaks, and Increased Sophistication
The ransomware scourge is still growing and still successful for attackers, Rapid7’s Ransomware Radar Report 2024 shows.
The post Ransomware in 2024: More Attacks, More Leaks, and Increased Sophistication appeared first on SecurityWeek.
New Go-based Backdoor GoGra Targets South Asian Media Organization
An unnamed media organization in South Asia was targeted in November 20233 using a previously undocumented Go-based backdoor called GoGra.
“GoGra is written in Go and uses the Microsoft Graph API to interact with a command-and-control (C&C) server hosted on Microsoft mail services,” Symantec, part of Broadcom, said in a report shared with The Hacker News.
It’s currently not clear how it’s
“GoGra is written in Go and uses the Microsoft Graph API to interact with a command-and-control (C&C) server hosted on Microsoft mail services,” Symantec, part of Broadcom, said in a report shared with The Hacker News.
It’s currently not clear how it’s
CrowdStrike Reveals Root Cause of Global System Outages
Cybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of Windows devices globally.
The “Channel File 291” incident, as originally highlighted in its Preliminary Post Incident Review (PIR), has been traced back to a content validation issue that arose after it introduced a new Template Type to enable
The “Channel File 291” incident, as originally highlighted in its Preliminary Post Incident Review (PIR), has been traced back to a content validation issue that arose after it introduced a new Template Type to enable
Ransomware Attack Cost LoanDepot $27 Million
LoanDepot reported expenses totaling nearly $27 million related to the ransomware attack that came to light in January 2024.
The post Ransomware Attack Cost LoanDepot $27 Million appeared first on SecurityWeek.
Chrome, Firefox Updates Patch Serious Vulnerabilities
A Chrome 127 update patches five vulnerabilities, and Firefox 129 addresses over a dozen security holes.
The post Chrome, Firefox Updates Patch Serious Vulnerabilities appeared first on SecurityWeek.
Chameleon Android Banking Trojan Targets Users Through Fake CRM App
Cybersecurity researchers have lifted the lid on a new technique adopted by threat actors behind the Chameleon Android banking trojan targeting users in Canada by masquerading as a Customer Relationship Management (CRM) app.
“Chameleon was seen masquerading as a CRM app, targeting a Canadian restaurant chain operating internationally,” Dutch security outfit ThreatFabric said in a technical
“Chameleon was seen masquerading as a CRM app, targeting a Canadian restaurant chain operating internationally,” Dutch security outfit ThreatFabric said in a technical