Your blog category
Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as: 147,000 token replay attacks were detected by Microsoft in 2023, a 111%… Read More »Session Hijacking 2.0 — The Latest Way That Attackers are Bypassing MFA
Critical security vulnerabilities have been disclosed in six different Automatic Tank Gauge (ATG) systems from five manufacturers that could expose them to remote attacks. “These vulnerabilities pose significant real-world risks,… Read More »Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks
Imagine a sophisticated cyberattack cripples your organization’s most critical productivity and collaboration tool — the platform you rely on for daily operations. In the blink of an eye, hackers encrypt… Read More »A Hacker’s Era: Why Microsoft 365 Protection Reigns Supreme
The Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed that… Read More »Meta Fined €91 Million for Storing Millions of Facebook and Instagram Passwords in Plaintext
Cybersecurity researchers have discovered a malicious Android app on the Google Play Store that enabled the threat actors behind it to steal approximately $70,000 in cryptocurrency from victims over a… Read More »Crypto Scam App Disguised as WalletConnect Steals $70K in Five-Month Campaign
U.S. federal prosecutors on Friday unsealed criminal charges against three Iranian nationals who are allegedly employed with the Islamic Revolutionary Guard Corps (IRGC) for their targeting of current and former… Read More »U.S. Charges Three Iranian Nationals for Election Interference and Cybercrimes
Progress Software has released another round of updates to address six security flaws in WhatsUp Gold, including two critical vulnerabilities. The issues, the company said, have been resolved in version… Read More »Progress Software Releases Patches for 6 Flaws in WhatsUp Gold – Patch Now
A new set of security vulnerabilities has been disclosed in the OpenPrinting Common Unix Printing System (CUPS) on Linux systems that could permit remote command execution under certain conditions. “A… Read More »Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution
The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks. The multi-stage attack campaign is designed to compromise… Read More »Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks
As security technology and threat awareness among organizations improves so do the adversaries who are adopting and relying on new techniques to maximize speed and impact while evading detection. Ransomware… Read More »How to Plan and Prepare for Penetration Testing