Researchers have discovered a more dangerous and prolific version of the wiper malware used by Russian military intelligence to disrupt satellite broadband service in Ukraine just before Russia’s February 2022…
Category: Cyber Security
Why AI obituary scams pose a cyber risk to businesses
Small-time scammers are generating near-instant obituaries for recently deceased strangers, taking advantage of vulnerable loved ones and potentially infecting their devices with malware. A new post on the Secureworks blog…
Massive Sign1 campaign infects over 39,000 WordPress sites with scam redirects
March 22, 2024PressroomWeb Security/Vulnerabilities A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to redirect users to scam…
Apple is short on details in the latest iOS update
Apple released iOS 17.4.1, its latest security update, a few weeks after the release of iOS 17.4, but is intentionally vague about the details surrounding the new version. Apple notes…
China-linked group hacks networks via Connectwise, F5 software flaws
March 22, 2024PressroomCyber defense/vulnerability A China-linked threat cluster exploited security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of providing additional backdoors on compromised Linux…
Demonstrate compliance with our privacy laws
Kenya’s data protection agency has ordered TikTok to share details on its compliance with national privacy laws and user verification. Kithure Kindiki, Kenya’s interior minister, told members of parliament that…
New StrelaStealer phishing attacks hit over 100 organizations in the EU and US
Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer called StrelaStealer. The campaigns impact more than 100 organizations in the EU…
8 strategies to improve code signing security
COMMENT The recent news that hackers breached the remote access solutions company AnyDesk highlighted the need for companies to carefully analyze their code signing practices to ensure a more secure…
AWS fixes critical “FlowFixation” bug in Airflow service to prevent session hijacking
March 22, 2024PressroomAmazon Web Services/Vulnerabilities Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) managed workflows for Apache Airflow (MWAA) that could potentially be…
Strata Identity releases new authentication recipes
Strata Identity announced a Microsoft Identity Cookbook to help businesses securely move authentication from on-premises Microsoft Active Directory to the cloud-based Microsoft Enter ID. The recipes will also help enterprises…