Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks

The threat actor known as BackdoorDiplomacy has been linked to a new wave of attacks targeting Iranian...

Guide: How MSSPs and vCISOs can extend their services into compliance readiness without increasing cost

Compliance services are emerging as one of the hottest areas of cybersecurity.  While compliance used...

Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers

Security vulnerabilities have been disclosed in Netcomm and TP-Link routers, some of which could be...

Git Users Urged to Update Software to Prevent Remote Code Execution Attacks

The maintainers of the Git source code version control system have released updates to remediate two critical...

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published four Industrial Control Systems (ICS) advisories, calling...

Initial Meeting of the IoT Advisory Board

NIST is pleased to announce that dates have been set for the IoTAB’s inaugural meeting....

Microsoft Azure Services Flaws Could’ve Exposed Cloud Resources to Unauthorized Access

Four different Microsoft Azure services have been found vulnerable to server-side request forgery (SSRF) attacks...

Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware

New research has found that it is possible for threat actors to abuse a legitimate...

4 Places to Supercharge Your SOC with Automation

It’s no secret that the job of SOC teams continues to become increasingly difficult. Increased...

Zoho ManageEngine PoC Exploit to be Released Soon – Patch Before It’s Too Late!

Users of Zoho ManageEngine are being urged to patch their instances against a critical security...

COVID-19: Moving your business from the physical to the digital

Security questions to ask your IT service providers during the coronavirus lockdown...

Researchers Uncover 3 PyPI Packages Spreading Malware to Developer Systems

A threat actor by the name Lolip0p has uploaded three rogue packages to the Python Package Index...

UK schools build cyber resilience

Awareness and training programmes help schools prepare for cyber attacks....

1 Comment

Raccoon and Vidar Stealers Spreading via Massive Network of Fake Cracked Software

A “large and resilient infrastructure” comprising over 250 domains is being used to distribute information-stealing...

A Secure User Authentication Method – Planning is More Important than Ever

When considering authentication providers, many organizations consider the ease of configuration, ubiquity of usage, and...

CISA Warns for Flaws Affecting Industrial Control Systems from Major Manufacturers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning...

New Backdoor Created Using Leaked CIA’s Hive Malware Discovered in the Wild

Unidentified threat actors have deployed a new backdoor that borrows its features from the U.S....

Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident

DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee’s laptop and...

Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability

A majority of internet-exposed Cacti servers have not been patched against a recently patched critical...

TikTok Fined $5.4 Million by French Regulator for Violating Cookie Laws

Popular short-form video hosting service TikTok has been fined €5 million (about $5.4 million) by...

Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers

Cisco has warned of two security vulnerabilities affecting end-of-life (EoL) Small Business RV016, RV042, RV042G,...

1 Comment

Beware: Tainted VPNs Being Used to Spread EyeSpy Surveillanceware

Tainted VPN installers are being used to deliver a piece of surveillanceware dubbed EyeSpy as part of...

Cyber attack against Royal Mail linked to Russian hackers

A ransomware attack on the UK’s Royal Mail has caused “severe disruption” to the company’s...

2 Comments

Cybercriminals Using Polyglot Files in Malware Distribution to Fly Under the Radar

Remote access trojans such as StrRAT and Ratty are being distributed as a combination of...

Get Unified Cloud and Endpoint Security: Only $1 for 1,000 Assets for all of 2023!

As the new year begins, it’s more important than ever to protect your business from...

FortiOS Flaw Exploited as Zero-Day in Attacks on Government and Organizations

A zero-day vulnerability in FortiOS SSL-VPN that Fortinet addressed last month was exploited by unknown...

Threat Report 13th January 2023

The NCSC’s threat report is drawn from recent open source reporting....

IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours

A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain...

Over 100 Siemens PLC Models Found Vulnerable to Firmware Takeover

Security researchers have disclosed multiple architectural vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 programmable logic...

IOTW: LastPass facing class action lawsuit following data breach

The lawsuit alleges that LastPass stored crucial information that allowed hackers access to victims’ password...