The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. The… Read More »CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September
Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders. “This… Read More »New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads
Read the full article for key points from Intruder’s VP of Product, Andy Hornegold’s recent talk on exposure management. If you’d like to hear Andy’s insights first-hand, watch Intruder’s on-demand webinar.… Read More »Focus on What Matters Most: Exposure Management and Your Attack Surface
Let’s be honest. The world of cybersecurity feels like a constant war zone. You’re bombarded by threats, scrambling to keep up with patches, and drowning in an endless flood of… Read More »Webinar: Experience the Power of a Must-Have All-in-One Cybersecurity Platform
The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints. The use of credential harvesting… Read More »New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data
A 33-year-old Latvian national living in Moscow, Russia, has been charged in the U.S. for allegedly stealing data, extorting victims, and laundering ransom payments since August 2021. Deniss Zolotarjovs (aka… Read More »Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group
Cybersecurity researchers have uncovered a new information stealer that’s designed to target Apple macOS hosts and harvest a wide range of information, underscoring how threat actors are increasingly setting their… Read More »New macOS Malware “Cthulhu Stealer” Targets Apple Users’ Data
SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances.… Read More »Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office… Read More »Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide
Details have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade… Read More »Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control