Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining
Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting...
Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats
In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and treatments; detect...
U.S. State Government Network Breached via Former Employee’s Account
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization's network environment was compromised via an administrator account...
Malicious ‘SNS Sender’ Script Abuses AWS for Bulk Smishing Attacks
A malicious Python script known as SNS Sender is being advertised as a way for threat actors to send bulk smishing messages by abusing...
CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks
A CACTUS ransomware campaign has been observed exploiting recently disclosed security flaws in a cloud analytics and business intelligence platform called Qlik Sense to...
The SEC Won’t Let CISOs Be: Understanding New SaaS Cybersecurity Rules
The SEC isn't giving SaaS a free pass. Applicable public companies, known as "registrants," are now subject to cyber incident disclosure and cybersecurity readiness...
4 Instructive Postmortems on Data Downtime and Loss
More than a decade ago, the concept of the 'blameless' postmortem changed how tech companies recognize failures at scale.John Allspaw, who coined the term...
LockBit Ransomware Operation Shut Down; Criminals Arrested; Decryption Keys Released
The U.K. National Crime Agency (NCA) on Tuesday confirmed that it obtained LockBit's source code as well as intelligence pertaining to its activities and...
Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins
Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins (AuthZ) under...
Facebook sues makers of malicious Chrome extensions for scraping data
Facebook has made a legitimate move against the creators of noxious Chrome augmentations utilized for scratching client profiles and other data from Facebook's site...
