March 13, 2024 at 12:21PM OPSWAT CEO Benny Czarny analyzes the challenges of securing file upload cybersecurity, emphasizing the limitations of three common tools used alone: anti-malware scanning, web application firewalls, and sandboxing. OPSWAT’s MetaDefender Platform offers a comprehensive defense-in-depth strategy combining multiple antivirus engines, deep content disarm and reconstruction, proactive data loss prevention, and … Read more
January 2, 2024 at 03:58PM Hackers recently targeted UK-based Radioactive Waste Management (RWM) using social engineering and LinkedIn. The company, now part of Nuclear Waste Services (NWS), has seen attempts to exploit business changes after a recent merger. The attackers were blocked through “multi-layered defenses,” but LinkedIn’s guidance recommends caution to avoid falling prey to … Read more
December 7, 2023 at 02:34PM A new proxy Trojan targeting macOS users via pirated software creates a covert proxy server to enable backdoor access and illicit activities, Kaspersky reports. The Trojan, also found for Android and Windows, uses DNS-over-HTTPS to evade detection. Experts advise using antiviruses and avoiding pirated software to prevent attacks. Meeting Takeaways: … Read more
December 5, 2023 at 12:07PM CISA warns of ongoing attacks exploiting a critical Adobe ColdFusion vulnerability (CVE-2023-26360), despite a fix. Hackers targeted government servers, installing malware and conducting reconnaissance. Although attacks were contained, CISA stresses updating ColdFusion and enhancing security measures. Meeting Takeaways: 1. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a … Read more
December 4, 2023 at 03:06AM UEFI firmware from various vendors contains high-impact flaws in image parsing libraries, dubbed LogoFAIL by Binarly, which can be exploited to bypass security measures like Secure Boot and deliver persistent malware during boot-up using malicious logo images. The widespread vulnerabilities, affecting many x86 and ARM devices, will be detailed at … Read more
November 4, 2023 at 02:02PM Discord will implement temporary CDN links by the end of the year to prevent attackers from using its content delivery network for distributing malware. This change will not affect users who share content within the Discord client. Links to files uploaded to Discord servers will expire after 24 hours, improving … Read more