Seqrite Labs’ APT Team has documented fresh campaigns from Silent Lynx, a sophisticated threat actor group known for orchestrating spear-phishing operations that impersonate government officials […]
Hackers Abuse OneDrive.exe via DLL Sideloading to Run Malicious Code
Security researchers have discovered a sophisticated attack technique that exploits Microsoft’s OneDrive application to execute malicious code without detection. The method, known as DLL sideloading, […]
CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation Evidence
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Gladinet and Control Web Panel (CWP) to its Known Exploited […]
FIN7 Hackers Leverage Windows SSH Backdoor for Stealthy Remote Access and Persistence
The notorious FIN7 cybercriminal group, also known as Savage Ladybug, continues to rely on a sophisticated Windows SSH backdoor infrastructure with minimal modifications since 2022, […]
10 promising cybersecurity startups CISOs should know about
Coming up with an accurate head count for cybersecurity startups is virtually impossible, with a new ventures popping up seemingly every day. And there’s no […]
DragonForce Cartel Surfaces from Leaked Conti v3 Ransomware Source Code
Acronis Threat Research Unit has analyzed recent activity linked to the DragonForce ransomware group and identified a new malware variant in the wild. The latest […]
Attackers Exploit Microsoft Teams Flaws to Manipulate Messages and Fake Notifications
Check Point Research uncovered four critical vulnerabilities in Microsoft Teams that could allow attackers to impersonate executives, manipulate messages, alter notifications, and forge identities during […]
How crooks use IT to enable cargo theft
In the old days, crooks followed transport trucks and hijacked them. Today they use phishing, vishing and identity theft to find and divert valuable cargo […]
ISO und ISMS: Darum gehen Security-Zertifizierungen schief
Mit einer ISO 27001-Zertifizierung weisen Unternehmen nach, dass sie ein wirksames Informationssicherheits-Managementsystems (ISMS) betreiben. Lesen Sie, weshalb der Zertifizierungsprozess häufig schief geht. Foto: mentalmind – […]
Critical RCE Bug in Leading React Native NPM Module Could Allow Full System Compromise
A severe security vulnerability has been discovered in a widely used React Native development package, potentially exposing millions of developers to remote attacks. Security researchers […]