Your blog category
Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation. “These vulnerabilities are… Read More »Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities
Europol on Thursday said it shut down the infrastructure associated with several malware loader operations such as IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee, and TrickBot as part of a coordinated law… Read More »Europol Shuts Down 100+ Servers Linked to IcedID, TrickBot, and Other Malware
Security leaders are in a tricky position trying to discern how much new AI-driven cybersecurity tools could actually benefit a security operations center (SOC). The hype about generative AI is… Read More »How to Build Your Autonomous SOC Strategy
Okta is warning that a cross-origin authentication feature in Customer Identity Cloud (CIC) is susceptible to credential stuffing attacks orchestrated by threat actors. “We observed that the endpoints used to… Read More »Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud
The U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as “likely the world’s largest botnet ever,” which consisted of an army of 19 million infected… Read More »U.S. Dismantles World’s Largest 911 S5 Botnet, with 19 Million Infected Devices
Cybersecurity researchers have warned of a new malicious Python package that has been discovered in the Python Package Index (PyPI) repository to facilitate cryptocurrency theft as part of a broader… Read More »Cybercriminals Abuse StackOverflow to Promote Malicious Python Package
Check Point is warning of a zero-day vulnerability in its Network Security gateway products that threat actors have exploited in the wild. Tracked as CVE-2024-24919, the issue impacts CloudGuard Network,… Read More »Check Point Warns of Zero-Day Attacks on its VPN Gateway Products
Brazilian banking institutions are the target of a new campaign that distributes a custom variant of the Windows-based AllaKore remote access trojan (RAT) called AllaSenha. The malware is “specifically aimed… Read More »Brazilian Banks Targeted by New AllaKore RAT Variant Called AllaSenha
A recent study by Wing Security found that 63% of businesses may have former employees with access to organizational data, and that automating SaaS Security can help mitigate offboarding risks. … Read More »New Research Warns About Weak Offboarding Management and Insider Risks
The U.S. Department of Justice (DoJ) has sentenced a 31-year-old man to 10 years in prison for laundering more than $4.5 million through business email compromise (BEC) schemes and romance… Read More »U.S. Sentences 31-Year-Old to 10 Years for Laundering $4.5M in Email Scams