Car maker Hyundai Motor Europe suffered a Black Basta ransomware attack, with the threat actors claiming to have stolen three terabytes of corporate data. […]
Ivanti: Patch new Connect Secure auth bypass bug immediately
Today, Ivanti warned of a new authentication bypass vulnerability impacting Connect Secure, Policy Secure, and ZTA gateways, urging admins to secure their appliances immediately. […]
Microsoft unveils new ‘Sudo for Windows’ feature in Windows 11
Microsoft introduced ‘Sudo for Windows’ today, a new Windows 11 feature allowing users to execute commands with elevated privileges from unelevated terminals. […]
Fake LastPass password manager spotted on Apple’s App Store
LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used as a phishing app to steal users’ credentials. […]
Data breaches at Viamedis and Almerys impact 33 million in France
Data breaches at two French healthcare payment service providers, Viamedis and Almerys, have now been determined to impact over 33 million people in the country. […]
Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade
The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years.
Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam.
“Volt Typhoon’s choice of targets and pattern
Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam.
“Volt Typhoon’s choice of targets and pattern
Google teases a new modern look for sign-in pages, including Gmail
Google is on the brink of refreshing its sign-in pages, including Gmail, with a sleek, modern makeover. […]
Unified Identity – look for the meaning behind the hype!
If you’ve listened to software vendors in the identity space lately, you will have noticed that “unified” has quickly become the buzzword that everyone is adopting to describe their portfolio. And this is great! Unified identity has some amazing benefits!
However (there is always a however, right?) not every “unified” “identity” “security” “platform” is made equal. Some vendors call the
However (there is always a however, right?) not every “unified” “identity” “security” “platform” is made equal. Some vendors call the
HijackLoader Evolves: Researchers Decode the Latest Evasion Methods
The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver additional payloads and tooling.
“The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe,”
“The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe,”
Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore
Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data.
“This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts
“This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud when the user attempts