Microsoft says it’s time for you to prevent using SMS and voice involves multi-factor...
SIM-swapping scams and other techniques pose risk to those that depend on phone-based authentication
But don’t make the error of disabling MFA entirely – even...
New Critical RCE Vulnerability Discovered in Apache Struts 2 – Patch Now
Apache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could result in...
China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices
A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a...
Malware uses WiFi BSSID for victim identification
Malware authors are using the WiFi AP MAC address (also referred to as the BSSID) as how to geo-locate infected hosts.
Malware operators who want...
Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware
A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an "add-on...
Demystifying a Common Cybersecurity Myth
One of the most common misconceptions in file upload cybersecurity is that certain tools are "enough" on their own—this is simply not the case....
NextGen Healthcare Mirth Connect Under Attack – CISA Issues Urgent Warning
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities...
LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada
A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation.Mikhail...
Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack
The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect...
New Case Study: The Malicious Comment
When is a 'Thank you' not a 'Thank you'? When it's a sneaky bit of code that's been hidden inside a 'Thank You' image...