The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that no less than three cyber attacks were recorded against state administration bodies and critical […]
Critical Ivanti Flaw Actively Exploited to Deploy TRAILBLAZE and BRUSHFIRE Malware
Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure that has come under active exploitation in the wild. The vulnerability, […]
Disclosure Drama Clouds CrushFTP Vulnerability Exploitation
CrushFTP CEO Ben Spink slammed several cybersecurity companies for creating confusion around a critical authentication bypass flaw that’s currently under attack. ​The original article found […]
China-Linked Threat Group Exploits Ivanti Bug
The vendor had originally assessed the flaw as low risk but now says it is a critical issue that enables remote code execution. ​The original […]
Counterfeit Phones Carrying Hidden Revamped Triada Malware
The malware, first discovered in 2016, has been updated over the years, and the latest version is now hiding in the firmware of counterfeit mobile […]
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware
Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. “These campaigns notably use redirection methods such […]
Runtime Ventures Launches New Fund for Seed, Pre-Seed Startups
Co-founders Michael Sutton and David Endler raised $32 million to invest in early stage cybersecurity startups as well as to provide mentoring support. ​The original […]
Legacy Stripe API Exploited: Why PCI DSS Requirement 6.4.3 is Critical for Payment Security
The digital payment ecosystem is under constant attack, and a recent campaign exploiting a legacy Stripe API has brought a new level of urgency to securing payment […]
_Anthony_Brown_Alamy.jpg)
Emerging Risks Require IT/OT Collaboration to Secure Physical Systems
With an increase in cyber-physical attacks that can cause significant disruptions, financial fallout and safety concerns for victim organizations, Renee Guttmann and Marc Sachs discuss […]
Google Quick Share Bug Bypasses Allow Zero-Click File Transfer
Google addresses patch bypasses for CVE-2024-38272 and CVE-2024-38271, part of the previously announced “QuickShell” silent RCE attack chain against Windows users. ​The original article found […]