June 25, 2024 at 06:45AM Browser security is gaining traction as organizations seek to protect against web-borne threats and internal data exfiltration. In a new report, “CISO Testimonials: 6 Real Life Stories of Cutting Costs with a Browser Security Platform,” CISOs highlight the benefits of browser security, including reduced workloads and enhanced efficiency. The report … Read more
June 13, 2024 at 03:40PM Researchers developed a proof-of-concept exploit for an SQL injection bug, CVE-2024-29824, in Ivanti Endpoint Manager. The bug allows unauthenticated attackers to execute code remotely, posing a significant threat. Ivanti responded promptly, releasing a patch within six weeks. Organizations are advised to implement the patch and restrict access to the management … Read more
June 12, 2024 at 10:09AM Cybersecurity researchers have uncovered an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. The threat actors abused anonymous access to launch malicious container images containing a DERO miner. The attack involves targeting externally accessible Kubernetes API servers and uses obfuscation techniques to resist analysis. The attacker’s tactics … Read more
June 12, 2024 at 07:39AM Symantec reports that threat actors using Black Basta ransomware exploited a privilege escalation flaw in Microsoft’s Windows Error Reporting Service as a zero-day, patched in March 2024. Symantec’s observation points to attempts to exploit the vulnerability in an unsuccessful ransomware attack. It also highlights the emergence of a new ransomware … Read more
June 6, 2024 at 06:18AM Threat actors are employing legitimate packer software like BoxedApp to distribute malware, targeting financial and government sectors. Malware families like Agent Tesla and Remcos are being propagated using NSIXloader. Another packer codenamed Kiteshield has been used by threat actors to target Linux systems. These techniques aim to evade endpoint security … Read more
June 4, 2024 at 08:13AM A sophisticated cyber attack targeting endpoints in Ukraine aims to deploy Cobalt Strike and establish control over compromised hosts. The attack involves a multi-stage malware strategy using a Microsoft Excel file with an embedded VBA macro. The attack employs evasion techniques, location-based checks, and manipulation of DLL files for persistence … Read more
June 3, 2024 at 06:30AM Security researcher Sam Curry has identified authorization bypass issues in Cox modems, allowing potential unauthorized access and the execution of malicious commands. Following responsible disclosure, the U.S. broadband provider promptly addressed the vulnerabilities. Curry’s analysis revealed potential access to sensitive customer data and the ability to modify device settings, posing … Read more
May 31, 2024 at 08:09AM The digital landscape presents both benefits and threats as sharing digital content expands, particularly through email, documents, and chat. Cybersecurity is a relentless battle, with threat actors continuously evolving tactics to outpace defenses. Everfox’s innovative prevention-based approach, especially its transformation-based Content Disarm and Reconstruction, is non-reliant on detection and effectively … Read more
May 24, 2024 at 02:32PM Microsoft is introducing “Recall,” an AI-powered feature that enables users to find and remember content on their PC. The technology takes periodic snapshots, storing them locally and fully encrypted. However, this has raised privacy concerns, as critics worry about potential exposure of sensitive information. Microsoft assures users of control and … Read more
May 24, 2024 at 12:51PM MITRE Corporation disclosed a cyber attack on a not-for-profit company in late December 2023, revealing details of the attack involving rogue virtual machines created within the VMware environment. The attack, attributed to a China-linked threat actor, exploited Ivanti Connect Secure flaws and highlights the need for organizations to remain vigilant … Read more