Integris Health has reported to U.S. authorities that the data breach it suffered last November exposed personal information belonging to almost 2.4 million people. […]
Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 73 flaws
Today is Microsoft’s February 2024 Patch Tuesday, which includes security updates for 73 flaws and two actively exploited zero-days. […]
Windows 11 KB5034765 update released with Start Menu fixes
Microsoft has released the KB5034765 cumulative update for Windows versions 23H2 and 22H2 to fix several bugs in the OS, including an issue that causes problems with the Start menu. […]
Hackers steal $290 million in crypto from PlayDapp gaming platform
Hackers are believed to have used a stolen private key to mint and steal over $290 million in PLA tokens, a cryptocurrency used within the PlayDapp ecosystem. […]
Bumblebee malware attacks are back after 4-month break
The Bumblebee malware has returned after a four-month vacation, targeting thousands of organizations in the United States in phishing campaigns. […]
5 Steps to Improve Your Security Posture in Microsoft Teams
Microsoft Teams is susceptible to a growing number of cybersecurity threats as its massive user base is an attractive target for cybercriminals. Learn more from Adaptive Shield on how to increase your Microsoft Teams security posture. […]
Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit
The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface (UEFI) bootkit feature, adding another layer of sophistication and stealth to the malware.
“This bootkit can intervene and control the [operating system] boot process, enabling Glupteba to hide itself and create a stealthy persistence that can be extremely difficult to
“This bootkit can intervene and control the [operating system] boot process, enabling Glupteba to hide itself and create a stealthy persistence that can be extremely difficult to
PikaBot Resurfaces with Streamlined Code and Deceptive Tactics
The threat actors behind the PikaBot malware have made significant changes to the malware in what has been described as a case of “devolution.”
“Although it appears to be in a new development cycle and testing phase, the developers have reduced the complexity of the code by removing advanced obfuscation techniques and changing the network communications,” Zscaler ThreatLabz researcher Nikolaos
“Although it appears to be in a new development cycle and testing phase, the developers have reduced the complexity of the code by removing advanced obfuscation techniques and changing the network communications,” Zscaler ThreatLabz researcher Nikolaos
Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know
The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches — safeguarding the integrity of SaaS apps and their sensitive data is critical but is not easy. Common threat vectors such as sophisticated spear-phishing, misconfigurations and
Ivanti Vulnerability Exploited to Install ‘DSLog’ Backdoor on 670+ IT Infrastructures
Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices.
That’s according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of the proof-the-concept (PoC) code.
That’s according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of the proof-the-concept (PoC) code.