Apple and Google espouse strong values about data privacy, but they allow programs from a Big Brother state to thrive on their app stores, researchers […]
Category: Cyber Security News
‘CitrixBleed 2’ Shows Signs of Active Exploitation
If exploited, the critical vulnerability allows attackers to maintain access for longer periods of time than the original CitrixBleed flaw, all while remaining undetected. The […]
Threat Actors Use Clickfix Tactics to Deploy Malicious AppleScripts for Stealing Login Credentials
In a recent discovery by the CYFIRMA research team, a sophisticated malware campaign dubbed Odyssey Stealer has been uncovered, targeting macOS users through a deceptive […]
Threat Actors Leverage Windows Task Scheduler to Embed Malware and Maintain Persistence
A comprehensive follow-up analysis to the FortiGuard Incident Response Team’s (FGIR) investigation titled “Intrusion into Middle East Critical National Infrastructure” has revealed a protracted cyberattack […]
Exploitation of Microsoft 365 Direct Send to Deliver Phishing Emails as Internal Users
A sophisticated phishing campaign targeting over 70 organizations, predominantly in the US, has been uncovered by Varonis’ Managed Data Detection and Response (MDDR) Forensics team. […]
Scattered Spider Taps CFO Credentials in ‘Scorched Earth’ Attack
In a recent intrusion, the notorious cybercriminal collective accessed CyberArk vaults and obtained more 1,400 secrets, subverted Azure, VMware, and Snowflake environments, and for the […]
Over 1,000 SOHO Devices Hacked in China-linked LapDogs Cyber Espionage Campaign
Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a […]
Hackers Make Hay? Smart Tractors Vulnerable to Full Takeover
Hackers can spy on tens of thousands of connected tractors in the latest IoT threat, and brick them too, thanks to poor security in an […]
Some Brother printers have a remote code execution vulnerability, and they can’t fix it
Brother Industries is grappling with a critical authentication bypass vulnerability affecting hundreds of different printer models, many of them used in enterprises, allowing unauthenticated remote […]
_Michael_Burrell_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Vulnerability Debt: How Do You Put a Price on What to Fix?
Putting a vulnerability debt figure together involves work, but having vulnerability debt figures lets you measure real-world values against your overall security posture. The original […]