Monthly Archives: February 2024

Stealthy Zardoor Backdoor Targets Saudi Islamic Charity Organizations
February 9, 2024

An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a...

Fortinet Warns of Critical FortiOS SSL VPN Vulnerability Under Active Exploitation
February 9, 2024

Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said...

Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways
February 9, 2024

Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy...

Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways
February 9, 2024

Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy...

Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade

The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been...

08
Feb
Unified Identity – look for the meaning behind the hype!

If you’ve listened to software vendors in the identity space lately, you will have noticed...

08
Feb
HijackLoader Evolves: Researchers Decode the Latest Evasion Methods

The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as...

08
Feb
Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore

Google has unveiled a new pilot program in Singapore that aims to prevent users from...

08
Feb
Kimsuky’s New Golang Stealer ‘Troll’ and ‘GoBear’ Backdoor Target South Korea

The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented...

08
Feb
Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products

Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses...

08
Feb
After FBI Takedown, KV-Botnet Operators Shift Tactics in Attempt to Bounce Back

The threat actors behind the KV-botnet made “behavioral changes” to the malicious network as U.S. law enforcement...

07
Feb
Critical Bootloader Vulnerability in Shim Impacts Nearly All Linux Distros

The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug...

07
Feb
New Webinar: 5 Steps to vCISO Success for MSPs and MSSPs

2024 will be the year of the vCISO. An incredible 45% of MSPs and MSSPs...

07
Feb
Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse

A coalition of dozens of countries, including France, the U.K., and the U.S., along with...

07
Feb
Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network

Chinese state-backed hackers broke into a computer network that’s used by the Dutch armed forces...

07
Feb
Critical JetBrains TeamCity On-Premises Flaw Exposes Servers to Takeover – Patch Now

JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration...

07
Feb
Beware: Fake Facebook Job Ads Spreading ‘Ov3r_Stealer’ to Steal Crypto and Credentials

Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets...

06
Feb
Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services

Three new security vulnerabilities have been discovered in Azure HDInsight’s Apache Hadoop, Kafka, and Spark services that could be...

06
Feb
How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM

SaaS applications are the darlings of the software world. They enable work from anywhere, facilitate...

06
Feb
Hackers Exploit Job Boards in APAC, Steal Data of Millions of Job Seekers

Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted...

06
Feb
Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation

A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure...

06
Feb
U.S. Imposes Visa Restrictions on those Involved in Illegal Spyware Surveillance

The U.S. State Department said it’s implementing a new policy that imposes visa restrictions on...

06
Feb
Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Crypto Money Laundering

A 42-year-old Belarusian and Cypriot national with alleged connections to the now-defunct cryptocurrency exchange BTC-e...

05
Feb
QR Codes – what’s the real risk?
February 5, 2024

How safe is it to scan that QR code in the pub? Or in that...

Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware

The threat actor known as Patchwork likely used romance scam lures to trap victims in...

05
Feb
The Journey to Becoming a Human Risk Analyst

When people hear that I get to write phishing emails and make vishing calls for...

05
Feb
Hands-On Review: SASE-based XDR from Cato Networks

Companies are engaged in a seemingly endless cat-and-mouse game when it comes to cybersecurity and...

05
Feb
Combined Security Practices Changing the Game for Risk Management

A significant challenge within cyber security at present is that there are a lot of...

05
Feb
Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan

The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society...

05
Feb
New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw

The threat actors behind the Mispadu banking Trojan have become the latest to exploit a...

05
Feb