-
Say Goodbye to Phishing: Must-Haves to Eliminate Credential Theft
Even as cyber threats become increasingly sophisticated, the number one attack vector for unauthorized access remains phished credentials (Verizon DBIR,…
Read More » -
Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack
Iraqi government networks have emerged as the target of an “elaborate” cyber attack campaign orchestrated by an Iran state-sponsored threat…
Read More » -
Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances
The operators of the mysterious Quad7 botnet are actively evolving by compromising several brands of SOHO routers and VPN appliances…
Read More » -
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these…
Read More » -
One More Tool Will Do It? Reflecting on the CrowdStrike Fallout
The proliferation of cybersecurity tools has created an illusion of security. Organizations often believe that by deploying a firewall, antivirus…
Read More » -
GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code
Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped…
Read More » -
Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack
A new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader (aka…
Read More » -
Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt
A 57-year-old man from the U.S. state of Missouri has been arrested in connection with a failed data extortion campaign…
Read More »