Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor’s Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September… Read More »Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw
The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what’s… Read More »AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition
Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes… Read More »5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage
More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it’s being used by a large number… Read More »Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials
Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat… Read More »New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet
The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of… Read More »U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails
Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could’ve opened the door… Read More »THN Cybersecurity Recap: Last Week’s Top Threats and Trends (September 23-29)
Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as: 147,000 token replay attacks were detected by Microsoft in 2023, a 111%… Read More »Session Hijacking 2.0 — The Latest Way That Attackers are Bypassing MFA
Critical security vulnerabilities have been disclosed in six different Automatic Tank Gauge (ATG) systems from five manufacturers that could expose them to remote attacks. “These vulnerabilities pose significant real-world risks,… Read More »Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks
Imagine a sophisticated cyberattack cripples your organization’s most critical productivity and collaboration tool — the platform you rely on for daily operations. In the blink of an eye, hackers encrypt… Read More »A Hacker’s Era: Why Microsoft 365 Protection Reigns Supreme