Cybersecurity company Huntress on Friday warned of “widespread compromise” of SonicWall SSL VPN devices to access multiple customer environments. “Threat actors are authenticating into multiple accounts rapidly across compromised devices,”…
Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is…
The security company looks to tackle new authentication challenges that could lead to credential leakage, as enterprises increasingly leverage AI browser agents. – Read More
In light of new memory safety features added to Apple’s latest iPhone chips that make entire classes of exploits harder to pull off, the company has revamped its bug bounty…
RondoDox takes a hit-and-run, shotgun approach to exploiting bugs in consumer edge devices around the world. – Read More
Only days ago, a message on the BreachForums extortion site threatened to leak one billion records allegedly stolen from the Salesforce systems of 39 of the largest companies in the…
Ransomware gangs continue to set their sights on the manufacturing industry, but companies are taking steps to protect themselves, starting with implementing timely patch management protocols. – Read More
On Sept. 17, security vendor SonicWall announced that cybercriminals had stolen backup files configured for cloud backup. At the time, the company claimed the incident was limited to “less than…
The group warned that law-enforcement crackdowns are imminent in the wake of the takedown, but its extortion threats against Salesforce victims remain active. – Read More
The world’s largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Verizon,…
In a new wrinkle for adversary tactics, the Storm-2603 threat group is abusing the digital forensics and incident response (DFIR) tool to gain persistent access to victim networks. – Read…
Microsoft previewed the Sentinel security graph and MCP server at its annual Microsoft Secure virtual event earlier this month. – Read More
Paul Martin from Ricoh shares some key takeaways from a meeting of legal industry IT leaders, discussing the latest security threats they are facing. Ricoh UK recently hosted the second…
The vast majority of organizations are encountering AI-augmented threats, but remain confident in their defenses, despite inadequate detection investment and more than half falling to successful attacks. – Read More
Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js’ Single Executable Application (SEA) feature as a way to distribute its payloads. According to…