Cybersecurity researchers have taken the wraps off an unusual cyber attack that leveraged malware with corrupted DOS and PE headers, according to new findings from Fortinet. The DOS (Disk Operating…
At least one lucky US CISO earned around $5 million last year, according to a new survey, but the reality is that the average compensation for CISOs at the largest…
Threat actors can abuse one of Microsoft Entra’s by-design features, the software giant’s cloud-based identity and access management service, to gain persistence and escalate privilege inside a target Azure account.…
The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider’s (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data…
The phishing operation is using Telegram groups to sell a phishing-as-a-service kit with customer service, a mascot, and infrastructure that requires little technical knowledge to install. – Read More
Malware is evolving rapidly, driven by advances in AI and changes in computing infrastructures. Security professionals must continuously educate themselves on these trends to defend against increasingly sophisticated threats. The…
Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2). The tech giant, which discovered…
Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI WooCommerce Wishlist plugin for WordPress that could be exploited by unauthenticated attackers to upload arbitrary files. TI WooCommerce Wishlist,…
Almost every organization is using an AI platform these days. Large language models (LLMs) are either being integrated into existing applications, come with new applications, are being tried by employees,…
Researchers are using quantum computers to generate keys that are truly random to strengthen data encryption. – Read More
Researchers at Oasis Security say the problem has to do with OneDrive File Picker having overly broad permissions. – Read More
Among the recommendations, organizations should conduct thorough testing and manage costs, which can be hefty, before implementing the platforms. – Read More
From boardroom conversations to industry events, “artificial intelligence” is the buzz phrase that’s reshaping how we collectively view the future of security. The perspectives are diverse, to say the least.…
Harnessing AI’s full transformative potential safely and securely requires more than an incremental enhancement of existing cybersecurity practices. A Secure by Design approach represents the best path forward. – Read…
Authorities in Pakistan have arrested 21 individuals accused of operating “Heartsender,” a once popular spam and malware dissemination service that operated for more than a decade. The main clientele for…