A threat actor has been using a content delivery network cache to store information-stealing malware in an ongoing campaign targeting systems U.S., the U.K., Germany, and Japan. […]
Microsoft releases Exchange hotfixes for security update issues
Microsoft has released hotfix updates to address multiple known issues impacting Exchange servers after installing the March 2024 security updates. […]
US govt sanctions Iranians linked to government cyberattacks
The Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned four Iranian nationals for their involvement in cyberattacks against the U.S. government, defense contractors, and private companies. […]
DPRK hacking groups breach South Korean defense contractors
The National Police Agency in South Korea issued an urgent warning today about North Korean hacking groups targeting defense industry entities to steal valuable technology information. […]
US imposes visa bans on 13 spyware makers and their families
The Department of State has started imposing visa restrictions on mercenary spyware makers and peddlers, prohibiting their entry into the United States, as announced earlier in February. […]
Hackers hijack antivirus updates to drop GuptiMiner malware
North Korean hackers have been exploiting the updating mechanism of the eScan antivirus to plant backdoors on big corporate networks and deliver cryptocurrency miners through GuptiMiner malware. […]
UnitedHealth confirms it paid ransomware gang to stop data leak
The UnitedHealth Group has confirmed that it paid a ransom to cybercriminals to protect sensitive data stolen during the Optum ransomware attack in late February. […]
Apache Cordova App Harness Targeted in Dependency Confusion Attack
Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness.
Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious package with the same name to a public package repository.
This&
Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious package with the same name to a public package repository.
This&
Webinar: Learn Proactive Supply Chain Threat Hunting Techniques
In the high-stakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the intricate web of interconnected systems and third-party dependencies to breach even the most formidable defenses. But what if you could turn the tables and proactively hunt these threats before they wreak havoc?
We invite you to join us for an
We invite you to join us for an
Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases
European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-end encryption (E2EE).
They called on the industry and governments to take urgent action to ensure public safety across social media platforms.
“Privacy measures currently being rolled out, such as end-to-end encryption, will stop tech companies
They called on the industry and governments to take urgent action to ensure public safety across social media platforms.
“Privacy measures currently being rolled out, such as end-to-end encryption, will stop tech companies