Email phishing remains one of the most dangerous vectors for organizational cyberattacks, as well as one of the most difficult to defend against, with deceptive links, brand impersonation and other phishing threats sharply on the rise. A study published Tuesday by web services and security vendor Cloudflare, which analyzed 250 million malicious email messages sent […]
Cyber News, Cyber Threat TrendsThe NSA discovered the intrusion in 2020—we don’t know how—and alerted the Japanese. The Washington Post has the story: The hackers had deep, persistent access and appeared to be after anything they could get their hands on—plans, capabilities, assessments of military shortcomings, according to three former senior U.S. officials, who were among a dozen current […]
Cyber News, Cyber Threat Trends
Why SaaS Security Is a Challenge In today’s digital landscape, organizations are increasingly relying on Software-as-a-Service (SaaS) applications to drive their operations. However, this widespread adoption has also opened the doors to new security risks and vulnerabilities. The SaaS security attack surface continues to widen. It started with managing misconfigurations and now requires a
Cyber News, Cyber Threat TrendsResults from the National Institute of Water and Atmospheric Research Limited annual squid survey: This year, the team unearthed spectacular large hooked squids, weighing about 15kg and sitting at 2m long, a Taningia—which has the largest known light organs in the animal kingdom—and a few species that remain very rare in collections worldwide, such as […]
Cyber News, Cyber Threat Trends
Researchers from Microsoft have demonstrated how programmable logic controllers (PLCs) that support the CODESYS runtime can be taken over by exploiting high-severity remote code execution (RCE) vulnerabilities in the popular automation protocol. The flaws were patched earlier this year and impact the CODESYS V3 software development kit (SDK) that is integrated in more than 1,000 […]
Cyber News, Cyber Threat Trends
A high-severity security flaw has been disclosed in the Python URL parsing function that could be exploited to bypass domain or protocol filtering methods implemented with a blocklist, ultimately resulting in arbitrary file reads and command execution. “urlparse has a parsing problem when the entire URL starts with blank characters,” the CERT Coordination Center (CERT/CC) […]
Cyber News, Cyber Threat Trends
European and U.S. law enforcement agencies have announced the dismantling of a bulletproof hosting service provider called Lolek Hosted, which cybercriminals have used to launch cyber-attacks across the globe. “Five of its administrators were arrested, and all of its servers seized, rendering LolekHosted.net no longer available,” Europol said in a statement. “The service facilitated the
Cyber News, Cyber Threat Trends
ACM.283 What problem are you really trying to solve, what problems does your solution cause, and are there any alternatives? Continue reading on Cloud Security »
Cyber News, Cyber Threat Trends
Multiple security vulnerabilities have been disclosed in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP) that could be potentially exploited by a malicious attacker to conduct remote attacks. “An external attacker who leverages the vulnerabilities discovered in AudioCodes Ltd.’s desk phones and Zoom’s Zero Touch Provisioning feature can gain full remote control of the […]
Cyber News, Cyber Threat Trends