Cyber threat actors have launched sophisticated phishing operations aimed at military and government personnel in South Asia, leveraging defense-related lures to distribute malicious archives and […]
Malicious PDFs in Play: UAC-0057 Leveraging Invitations to Trigger Shell Script Attacks
The Belarusian-affiliated threat actor UAC-0057, also known as UNC1151, FrostyNeighbor, or Ghostwriter, has been using weaponized archives that contain phony PDFs that are posing as […]
Azure Default API Connection Flaw Enables Full Cross-Tenant Compromise
A critical security vulnerability in Microsoft Azure’s API Connection architecture has been discovered that could allow attackers to completely compromise resources across different tenant environments, […]
Stealth Threat Unpacked: Weaponized RAR Files Deliver VShell Backdoor on Linux Systems
Trellix Advanced Research Center has exposed an infection chain that weaponises nothing more than a filename to compromise Linux hosts. A spam message masquerading as […]
What is the cost of a data breach?
For modern businesses, regardless of industry or size the financial impact of a data breach is substantial. IBM’s latest Cost of a Data Breach report […]
Ensuring security in a borderless world: The 30th anniversary of Schengen system
In an international tariff context and divisions, in which multilateralism is being questioned, the European Union remains a showcase of cooperation between countries. Perhaps one […]
Colt Confirms Ransomware Attack Resulted in Customer Data Theft
Industrial technology company Colt has confirmed that a recent ransomware attack on its business support systems resulted in the theft of customer data, marking the […]
Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware
A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer’s network with […]
NIST Releases New Control Overlays to Manage Cybersecurity Risks in AI Systems
The National Institute of Standards and Technology (NIST) has unveiled a comprehensive initiative to address the growing cybersecurity challenges associated with artificial intelligence systems through […]
New HTTP Smuggling Technique Allows Hackers to Inject Malicious Requests
Cybersecurity researchers have uncovered a sophisticated HTTP request smuggling attack that exploits inconsistent parsing behaviors between front-end proxy servers and back-end application servers. This newly […]