Hackers bypassed MFA to gain access of cloud service accounts
The US Cybersecurity and Infrastructure Security Agency (CISA) said today that threat actors bypassed multi-factor authentication (MFA) authentication protocols to compromise cloud service accounts.
"CISA...
RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage
The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands."The Program...
New PHP Vulnerability Exposes Windows Servers to Remote Code Execution
Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances.The vulnerability,...
6 Ways to Simplify SaaS Identity Governance
With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to...
The Drop in Ransomware Attacks in 2024 and What it Means
The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 5,070. But 2024 is starting...
Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation
Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come...
Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain...
Summary of “AI Leaders Spill Their Secrets” Webinar
The "AI Leaders Spill Their Secrets" webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the...
WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites
A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible...
Cybersecurity for Healthcare—Diagnosing the Threat Landscape and Prescribing Solutions for Recovery
On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted....
