Pro CISO’s Threat Intelligence service identifies collections of Bitwarden password manager credentials on the Darkweb
Pro CISO’s Threat Intelligence service identifies collections of Bitwarden password manager credentials on the Darkweb
Read morePro CISO’s Threat Intelligence service identifies collections of Bitwarden password manager credentials on the Darkweb
Read moreHow the CL0P ransomware group exploits a zero day vulnerability of the MOVEit file transfer product, to attack their victims, encrypt their data and demand a ransom to decrypt the files.
Read more"Stealer" malware is the new silent threat. Targeting anyone, both individuals and organizations, with the objective to harvest credentials and sensitive information from user devices and sell them on the Darkweb
Read moreWhy did cybersecurity become a business risk? Because of ransomware ? Or maybe, because of something we've all heard about called: the Digital Transformation (DX) ?
Read moreWhen it isn't practical to integrate all corporate apps with SSO, it's still possible to adopt an overlay solution, that is integrated with SSO, providing MFA and central access and control to applications.
Read moreInteresting precedent over the 2016 Uber Data Breach sentence, concerning the CISO's responsibility in a cybersecurity incident
Read moreThe US FBI, CISA, and Australian Cyber Security Centre (ACSC) release a joint Cybersecurity Advisory to warn about the emerging BianLian ransomware and data extortion group
Read moreDashlane Enterprise Password Manager is the first to support Passkeys
Read moreDashlane releases its new Confidential SSO feature to allow users to securely and seamlessly log into Dashlane with their existing company SSO credentials.
Read morePhishing is one of the most successful entry points for attackers to compromise an organization. CISA provides an Infographic to help both individuals and companies to be more protected.
Read moreResearchers at Leiden Institute of Advanced Computer Science find many fake proof-of-concept (PoC) exploits for vulnerabilities on GitHub, many of them including malware.
Read moreThe Dutch National Police trick the DeadBolt ransomware gang, by reversing the Bitcoin ransom payments, after receiving the decryption keys for multiple victims.
Read moreMandiant uncovers a new type of malware that targets ESXi Hypervisors, Linux vCenters and SAN arrays, through which attackers gain undeteced privileged access to the underlining virtual machines.
Read moreAttackers spam users with MFA push notifications, until they finally accept by error or just because they are overwhelmed. This is becoming more common way of bypassing MFA.
Read moreMicrosoft releases Defender standalone for Android, Apple iOS, macOS and of course Windows, for customers having a Microsoft 365 home or business subscription
Read moreCISA) is releasing this Cybersecurity Advisory (CSA) to warn organizations that malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and CVE-2022-22960 separately and in combination
Read moreThe Five Eyes (FVEY) intelligence alliance warns managed service providers (MSPs) and their customers around increasing supply chain attacks.
Read moreApple, Google and Microsoft today jointly announced plans to expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium
Read moreWindows Autopatch will keep Windows and Office software on enrolled endpoints up-to-date automatically
Read moreTrend Micro Threat Research identify malicious actors actively exploiting the Spring4Shell vulnerability to weaponize and execute the Mirai DDoS botnet malware.
Read moreThe new juvenile data extortion group, LAPSUS$, has taken big organizations by surprise with their old-fashioned social engineering attacks
Read moreA new vulnerability in the Spring Framework for Java Development Kit (JDK) version 9.0 or later. Exposes millions of systems to compromise, similarly to the Log4j vulnerability,
Read moreThe Cyber Incident Reporting Act introduces new cybersecurity reporting requirements that will apply to businesses in almost every major sector of the economy.
Read moreThe Microsoft Defender for IoT research team has discovered the method through which MikroTik devices are used in Trickbot’s C2 infrastructure.
Read moreThe German BSI federal cybersecurity agency suggests to uninstall Kaspersky antivirus, assuming that it could find itself being used against its management's will to harm instead of protect its customers
Read more