Latest Cybersecurity News and Articles
23 April 2024
Researchers have discovered a vulnerability in an Apache project that could lead to remote code execution inside the production environment.
23 April 2024
Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness.
Dependency confusion attacks work because package managers check public repositories before private registries, allowing a threat actor to publish a malicious package with the same name to a public package repository.
23 April 2024
The perpetrators attract unsuspecting Telegram users through a referral system, enticing them with promises of an “exclusive earning program” shared via contacts in their network.
23 April 2024
A phishing campaign exploiting a bug in Nespresso's website has been able to evade detection by taking advantage of security tools that fail to look for malicious nested or hidden links.
23 April 2024
Security leaders in small and medium-sized enterprises are overwhelmed by the volume and complexity of security demands.
23 April 2024
According to a recent cybersecurity priorities report, security analysts maintain that up to 57% of their daily tasks could be automated.
23 April 2024
Microsoft specifically highlighted a group named Emerald Sleet (aka Kimsuky or TA427), which has been observed using LLMs to bolster spear-phishing efforts aimed at Korean Peninsula experts.
23 April 2024
In the high-stakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the intricate web of interconnected systems and third-party dependencies to breach even the most formidable defenses. But what if you could turn the tables and proactively hunt these threats before they wreak havoc?
We invite you to join us for an
23 April 2024
The ransomware landscape has undergone significant changes in Q1 2024, with major shifts in the behavior of Ransomware-as-a-Service (RaaS) groups, according to GuidePoint Security's GRIT Q1 2024 Ransomware Report.
23 April 2024
CERT-UA reports that in March 2024, APT44 conducted operations to disrupt information and communication systems at energy, water, and heating suppliers in 10 regions of Ukraine.
23 April 2024
Doctors, clinics and other providers are prohibited from disclosing protected health information related to lawful reproductive healthcare, according to a final rule released Monday by federal regulators to "strengthen" HIPAA privacy.
23 April 2024
Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why they were targeted by such breaches, there's a larger, more pressing question: What is the true financial impact of a cyberattack? According to research by Cybersecurity Ventures, the global cost of cybercrime is projected to reach
23 April 2024
European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-end encryption (E2EE).
They called on the industry and governments to take urgent action to ensure public safety across social media platforms.
"Privacy measures currently being rolled out, such as end-to-end encryption, will stop tech companies
23 April 2024
German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China.
The full names of the defendants were not disclosed by the Office of the Federal Prosecutor (aka Generalbundesanwalt), but they include Herwig F., Ina F., and Thomas R.
"The suspects are strongly suspected of working for a Chinese secret service since an unspecified
23 April 2024
HHS' Office for Civil Rights in new "frequently asked questions" guidance issued Friday night said it has not yet received breach reports from Change Healthcare, UHG, or any other affected covered entities pertaining to the incident.
23 April 2024
Similar to a recently reported issue in GitHub, users can abuse the "comments" feature in GitLab to upload malware to any repository without the repository owner's knowledge.
23 April 2024
Cloud Console Cartographer is an open-source tool that maps noisy log activity into highly consolidated, succinct events to help security practitioners cut through the noise and understand console behavior in their environment.
23 April 2024
A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy.
23 April 2024
Almost two-thirds of organizations across the globe have either fully or partially implemented zero-trust strategies, according to a report released Monday by Gartner based on a survey of 303 security leaders.
23 April 2024
Most compliance leaders tend to focus on building an ethical culture in their organizations to improve employee behavior, but it has a limited impact on addressing uncertainty about how to be compliant, according to a survey by Gartner.