COMMENT Security corrective measures, such as patching and configuration changes, are an important task. It’s the difference between a threat actor penetrating a network or being stopped in their tracks.…
Category: Cyber Security
The Microsoft Edge bug could have allowed attackers to silently install malicious extensions
March 27, 2024PressroomAPI Vulnerabilities/Security A now fixed security flaw in the Microsoft Edge web browser may have been misused to install arbitrary extensions on users’ systems and perform malicious actions.…
The Phishing-as-a-Service operation “Darcula” claims victims around the world
Phishing as a service has come of age with what is being called the most pervasive packet scam operation globally to date. The Chinese-language phishing-as-a-service platform “Darcula” created 19,000 phishing…
SASE solutions fall short without enterprise browser extensions, a new report reveals
March 27, 2024News about hackersData Protection/Browser Security As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have turned to SASE,…
A new phishing attack delivers a keylogger disguised as a bank payment alert
March 27, 2024PressroomCyber Vulnerability/Cybercrime A new phishing campaign has been observed that leverages a new loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said…
Two Chinese APT groups step up cyber espionage against ASEAN countries
Over the past three months, two China-linked Advanced Persistent Threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as…
Australian government doubles down on cybersecurity following major attacks
The Australian government is drawing up plans to revamp cybersecurity laws and regulations in the wake of a series of high-profile damaging data breaches that have rocked the country. Government…
Apple Security Bug Opens iPhone, iPad to RCE
Apple has finally released more details about the mysterious updates the company quietly rolled out last week for iOS and iPadOS 17.4.1. Apparently, the updates concern a new vulnerability in…
The world’s hottest ransomware wave targets VMware ESXi servers
The Agenda ransomware group has ramped up infections around the world, thanks to a new and improved variant of its ransomware focused on virtual machines. Agenda (also known as Qilin…
It’s time to stop measuring security in absolute terms
COMMENT The context and metrics that drive risk assessments are constantly changing, as is our understanding of what progress looks like as a security team. You can’t measure everything, and…