Phishing 2.0 nutzt Subdomain-Rotation und Geoblocking. janews – Shutterstock.com Eine kürzlich aufgedeckte Phishing-Kampagne steht in Verbindung mit Salty2FA, einem Phishing-as-a-Service-(PhaaS-)Framework. Es soll entwickelt worden sein, um Multi-Faktor-Authentifizierung (MFA) zu umgehen.…
As Kubernetes becomes the foundation of enterprise infrastructure, the underlying operating system must evolve alongside it. – Read More
Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows…
Oasis Security has uncovered a flaw in the widely used AI-powered code editor Cursor that lets malicious repositories silently execute code the moment a developer opens them. According to a…
A new threat actor, The Gentlemen, has emerged as a fast-moving ransomware group that has rapidly expanded its activity across Asia Pacific, South America, the US, and the Middle East.…
With multiple persistence mechanisms, the modular malware can brute-force passwords, drop payloads, and communicate over different protocols. – Read More
Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed as publicly known at the time of release. Of the…
The recent SalesLoft Drift breaches revealed an uncomfortable truth that keeps me up at night, and should keep every CISO awake, too. Organizations weren’t breached through their vendor. They weren’t…
Apple on Tuesday revealed a new security feature called Memory Integrity Enforcement (MIE) that’s built into its newly introduced iPhone models, including iPhone 17 and iPhone Air. MIE, per the…
The House Select Committee on China has formally issued an advisory warning of an “ongoing” series of highly targeted cyber espionage campaigns linked to the People’s Republic of China (PRC)…
Introduction Managed service providers (MSPs) and managed security service providers (MSSPs) are under increasing pressure to deliver strong cybersecurity outcomes in a landscape marked by rising threats and evolving compliance…
OneAdvanced look into how AI is enhancing efficiency in legal operations, including limitations, challenges and how to manage risks. The post How AI is transforming law firms & legal practice…
Dye & Durham UK has announced the integration of a new suite of Anti-Money Laundering (AML) and Know Your Customer (KYC) tools into its Unity Practice Management platform. The post…
Phishing-as-a-Service (PhaaS) platforms keep evolving, giving attackers faster and cheaper ways to break into corporate accounts. Now, researchers at ANY.RUN has uncovered a new entrant: Salty2FA, a phishing kit designed…
Dishonesty allegation dropped A managing partner has been suspended from practice for 12 months after he admitted backdating a client-care letter in order to make a file “look as good…