​Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution. A brief description of the… Read More »Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities

​Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly… Read More »Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws

​The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America,… Read More »CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub

​A trio of threat activity clusters linked to China has been observed compromising more government organizations in Southeast Asia as part of a renewed state-sponsored operation codenamed Crimson Palace, indicating… Read More »Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast Asia

​A new side-channel attack dubbed PIXHELL could be abused to target air-gapped computers by breaching the “audio gap” and exfiltrating sensitive information by taking advantage of the noise generated by… Read More »New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers

​Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots… Read More »Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

​The threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate data exfiltration and the deployment of next-stage payloads, according to… Read More »Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments

​A novel side-channel attack has been found to leverage radio signals emanated by a device’s random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks.… Read More »New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks

​The China-linked advanced persistent threat (APT) group known as Mustang Panda has been observed weaponizing Visual Studio Code software as part of espionage operations targeting government entities in Southeast Asia.… Read More »Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks

​The Colombian insurance sector is the target of a threat actor tracked as Blind Eagle with the end goal of delivering a customized version of a known commodity remote access… Read More »Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT