CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known...
North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS
A threat actor with ties to the Democratic People's Republic of Korea (DPRK) has been observed targeting cryptocurrency-related businesses with a multi-stage malware capable...
A Hacker’s Guide to Password Cracking
Defending your organization's security is like fortifying a castle—you need to understand where attackers will strike and how they'll try to breach your walls....
China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait
The China-aligned threat actor known as MirrorFace has been observed targeting a diplomatic organization in the European Union, marking the first time the hacking...
5 Most Common Malware Techniques in 2024
Tactics, techniques, and procedures (TTPs) form the foundation of modern defense strategies. Unlike indicators of compromise (IOCs), TTPs are more stable, making them a...
SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims
An ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys information stealer since July...
Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years...
Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems
Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that could permit unauthenticated, remote...
Canada Orders TikTok to Shut Down Canadian Operations Over Security Concerns
The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve its operations in the country, citing national security risks, but stopped short of instituting...
VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware
An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as...
