Threat actors have been increasingly weaponizing Microsoft Graph API for malicious purposes with the aim of evading detection. This is done to “facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services,” the Symantec Threat… Read More »Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications
In today’s rapidly evolving digital landscape, the threat of Distributed Denial of Service (DDoS) attacks looms more significant than ever. As these cyber threats grow in sophistication, understanding and countering… Read More »Expert-Led Webinar – Uncovering Latest DDoS Tactics and Learn How to Fight Back
SaaS applications are dominating the corporate landscape. Their increased use enables organizations to push the boundaries of technology and business. At the same time, these applications also pose a new security… Read More »New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data
The U.S. government on Thursday published a new cybersecurity advisory warning of North Korean threat actors’ attempts to send emails in a manner that makes them appear like they are from legitimate… Read More »NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources
Google on Thursday announced that passkeys are being used by over 400 million Google accounts, authenticating users more than 1 billion times over the past two years. “Passkeys are easy to use and… Read More »Google Announces Passkeys Adopted by Over 400 Million Accounts
HPE Aruba Networking (formerly Aruba Networks) has released security updates to address critical flaws impacting ArubaOS that could result in remote code execution (RCE) on affected systems. Of the 10 security defects,… Read More »Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability that could be exploited by a malicious app to overwrite arbitrary files in the vulnerable app’s home directory.… Read More »Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw
A Ukrainian national has been sentenced to more than 13 years in prison and ordered to pay $16 million in restitution for carrying out thousands of ransomware attacks and extorting… Read More »Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million
A never-before-seen botnet called Goldoon has been observed targeting D-Link routers with a nearly decade-old critical security flaw with the goal of using the compromised devices for further attacks. The vulnerability in question is CVE-2015-2051 (CVSS score: 9.8),… Read More »New “Goldoon” Botnet Targets D-Link Routers With Decade-Old Flaw
Cloud storage services provider Dropbox on Wednesday disclosed that Dropbox Sign (formerly HelloSign) was breached by unidentified threat actors, who accessed emails, usernames, and general account settings associated with all users of the… Read More »Dropbox Discloses Breach of Digital Signature Service Affecting All Users