Category: Cybersecurity

April 18, 2024

A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. “The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged Google Ads […]

April 5, 2024

Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include. For CISOs and their teams, that means […]

April 1, 2024

In guidance to congressional offices issued by The House’s Chief Administrative Officer, Catherine Szpindor, and seen by Axios, it’s stated that Copilot is “unauthorized for House use.” The guidance adds that Copilot will be removed from and blocked on all […]

April 1, 2024

When the massive trove of data was posted for sale on a cybercrime forum early this month, AT&T said it did not originate from its systems, even though the poster said it was stolen from a 2021 breach of the […]

April 1, 2024

Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN’s Satori Threat Intelligence team, which said the […]

March 26, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities added are as follows – CVE-2023-48788 (CVSS score: 9.3) – Fortinet FortiClient EMS SQL Injection […]

March 20, 2024

In JFrog’s just-released Software Supply Chain State of the Union 2024 report, the software supply chain platform provider found extensive use of AI and machine learning tools for security. However, only one in three software developers the company surveyed use […]

March 19, 2024

In an era where digital transformation drives business across sectors, cybersecurity has transcended its traditional operational role to become a cornerstone of corporate strategy and risk management. This evolution demands a shift in how cybersecurity leaders—particularly Chief Information Security Officers […]

March 15, 2024

Google is upgrading Chrome’s Safe Browsing security tool by allowing it to provide constant protection against suspicious websites in real-time. Before going into the update itself, it’s worth covering the backstory. Safe Browsing gives the Chrome browser a list of […]

February 28, 2024

AI technology is radically changing the direction of the cybersecurity sector. Companies around the world are expected to spend $102.78 billion on AI to stop cybersecurity threats in 2032 alone. Artificial Intelligence (AI) plays a pivotal role in enhancing cybersecurity […]

February 21, 2024

Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted […]

February 7, 2024

The Department of Homeland Security (DHS) is seeking artificial intelligence experts to help harness AI to advance its mission. These recruitment efforts come a day after House Republicans narrowly failed to impeach Alejandro Mayorkas, the secretary of Homeland Security, claiming […]

January 30, 2024

Last year’s MOVEit and 3CX vulnerabilities offered a stark reminder of the risk software supply chain attacks pose today. Threat actors exploit vulnerabilities to infiltrate a software provider’s network and modify the software’s original functionality with malicious code. Once the […]

January 12, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The issue, tracked as CVE-2023-29357 (CVSS score: 9.8), is a […]

December 21, 2023

After raising its security game with a feature-packed update in October, our #1 best VPN has just extended its advanced protections to Mac users. ExpressVPN initially unveiled its new adult site tools and ad-blocker across its Windows, iOS, and Android […]

December 12, 2023

Let’s begin with a thought-provoking question: among a credit card number, a social security number, and an Electronic Health Record (EHR), which commands the highest price on a dark web forum? Surprisingly, it’s the EHR, and the difference is stark: […]

December 11, 2023

The Federal Trade Commission (FTC) warned the public against scanning any old QR code in a consumer alerts blog last week. Naturally, the warning comes down to security and privacy — bad actors can put QR codes in inconspicuous places […]

December 5, 2023

You no longer have to go to a bank to make a payment, thanks to fintech apps like Venmo and PayPal. Seemingly inspired by these apps, the internet is now filled with dangerous SpyLoan apps that pretend to be there […]

December 4, 2023

It’s been over 10 years since Shannon Lietz introduced the term DevSecOps, aiming to get security a seat at the table with IT developers and operators. The question is, how far has security come since then? Do DevSecOps teams have […]

November 30, 2023

Welcome to a world where Generative AI revolutionizes the field of cybersecurity. Generative AI refers to the use of artificial intelligence (AI) techniques to generate or create new data, such as images, text, or sounds. It has gained significant attention […]