June 25, 2024 at 05:59PM A critical security flaw in Progress Software’s MOVEit Transfer enables attackers to bypass authentication protocols and has been actively exploited shortly after being disclosed. The vulnerability, CVE-2024-5806 with CVSS 7.4, affects specific versions of MOVEit Transfer. Urgent patching is recommended due to the potential for cybercriminal exploitation and compromise of … Read more
May 22, 2024 at 10:04AM As the world becomes increasingly digitized, the rise in cyberattacks and data breaches necessitates urgent enhancement of cybersecurity measures. New mandates include SEC’s breach disclosure rules for smaller reporting companies by June 15, and federal agencies aiming to meet zero-trust goals by Sept. 30. An additional focus is requisite on … Read more
May 14, 2024 at 12:39PM Google has released an emergency security update for Chrome to address a zero-day vulnerability with potential for data theft, malware implantation, and more. This is the second zero-day patched within a week and the sixth this year. The update includes a patch for a high-severity out-of-bounds write in the V8 … Read more
May 10, 2024 at 03:33PM Dell recently suffered a data breach compromising 49 million customer records, including personal data and hardware details, which were subsequently offered for sale on the Breach hacking forum. A threat actor named Menelik admitted to exploiting a partner portal to access and scrape the information, claiming ease of registration and … Read more
April 22, 2024 at 07:03AM The UK government is criticized for its weak response to cyber-attacks by APT31, with concerns raised about the country’s critical infrastructure resilience. It’s essential to enhance cybersecurity defenses to combat ransomware and data breaches from organized criminal groups. Join the live webinar on April 29 to learn about mitigating cyberattacks’ … Read more
February 7, 2024 at 10:08AM The Super Bowl event attracts threat actors seeking payment card data, user credentials, and ransom opportunities. Cyber adversaries include cybercriminals, hacktivists, deliberate disruptors, and nation-state actors. Businesses must also consider internal threats posed by employees, temporary staff, and vendors. Adversaries engage in diverse tactics including social engineering, disinformation, and data … Read more
December 7, 2023 at 06:23PM Cybersixgill has launched new features for its cyber threat intelligence platform, including an Identity Intelligence module for compromised account monitoring, an improved Alerts page for faster threat response, and OSV Support for open-source vulnerability awareness. These tools aim to enhance threat detection, decision-making, and pre-emptive action to protect against cyber-attacks. … Read more