SonicWall has revealed that the recent spike in activity targeting its Gen 7 and newer firewalls with SSL VPN enabled is related to an older, […]
The AI-Powered Security Shift: What 2025 Is Teaching Us About Cloud Defense
Now that we are well into 2025, cloud attacks are evolving faster than ever and artificial intelligence (AI) is both a weapon and a shield. […]
Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups
Microsoft has released an advisory for a high-severity security flaw affecting on-premise versions of Exchange Server that could allow an attacker to gain elevated privileges […]
HashiCorp Vault & CyberArk Conjur kompromittiert
Secrets Management und Remote Code Exceution gehen nicht gut zusammen. Alexsander Ovsyannikov | shutterstock.com In Enterprise-Umgebungen übersteigt die Anzahl nicht-menschlicher Identitäten (wie sie beispielsweise von […]
‘We too were breached,’ says Google, months after revealing Salesforce attacks
Google has now confirmed that it too was impacted by the Salesforce data theft attacks originally uncovered by its own threat intelligence group (GTIG) in […]
Project Ire: Microsoft’s autonomous AI agent that can reverse engineer malware
Microsoft has introduced Project Ire, an autonomous AI agent capable of analyzing and classifying software as either malicious or benign, without any prior knowledge of […]
Hackers Exploit Legitimate Drivers to Disable Antivirus and Weaken System Defenses
Threat actors have been deploying a novel antivirus (AV) killer since at least October 2024, leveraging the legitimate ThrottleStop.sys driver to execute Bring Your Own […]
Akamai Ghost Platform Flaw Allows Hidden Second Request Injection
Akamai Technologies disclosed a critical HTTP request smuggling vulnerability affecting its content delivery network platform that could allow attackers to inject hidden secondary requests through […]
New Active Directory Attack Method Bypasses Authentication to Steal Data
Security researchers have uncovered a novel attack technique that exploits weaknesses in hybrid Active Directory (AD) and Entra ID environments to bypass authentication and exfiltrate […]
HeartCrypt-Packed ‘AVKiller’ Tool Actively Deployed in Ransomware Attacks to Disable EDR
Threat actors are placing a higher priority on neutralizing endpoint detection and response (EDR) systems in order to remain stealthy in the dynamic world of […]