Kinsing Cyberattackers Target Apache ActiveMQ Flaw to Mine Crypto
Active exploit of the critical RCE flaw targets Linux systems to achieve full system compromise.
View ArticleMajor Saudi University to Offer AI, Cybersecurity Studies
University of Jeddah partners with Resecurity to teach cybersecurity skills.
View ArticleInside Job: Cyber Exec Admits to Hospital Hacks
Healthcare cyber services executive Vikas Singla admits to hobbling hospital operations, then using the incidents to try and gin up extra business.
View ArticleDPRK Hackers Masquerade as Tech Recruiters, Job Seekers
No one has turned the job market into an attack surface quite like North Korea, which plays both sides for financial gain and, possibly, espionage.
View ArticleAutoZone Files MOVEit Data Breach Notice With State of Maine
The company temporarily disabled the application and patched the vulnerability, though affected individuals should still remain vigilant.
View ArticleCitrix Bleed Bug Inflicts Mounting Wounds, CISA Warns
Patch or isolate now: Organizations in every sector run the risk of hemorrhaging data as opportunistic attacks from LockBit ransomware and others grow.
View ArticleThe 7 Deadly Sins of Security Awareness Training
Stay away from using these tactics when trying to educate employees about risk.
View ArticleThe Persian Gulf's March to the Cloud Presents Global Opportunities
Loosening attitudes about cloud security are expected to create a nearly $10 billion public cloud market in the Middle East by 2027.
View ArticleRootkit Turns Kubernetes From Orchestration to Subversion
Kubernetes compromises have usually led to attackers creating cryptomining containers, but the outcomes could be much worse, say researchers presenting at the Black Hat Europe conference.
View ArticleScattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack
The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more.
View ArticleIdaho National Nuclear Lab Targeted in Major Data Breach
The laboratory operates a major test reactor, tests advanced nuclear energy concepts, and conducts research involving hydrogen production and bioenergy.
View Article3 Ways to Stop Unauthorized Code From Running in Your Network
As organizations increasingly rely on AI-developed code, they must put guardrails in place to prevent major cybersecurity risks related to malicious code.
View ArticleMideast Oil & Gas Facilities Could Face Cyber-Related Energy Disruptions
The Israel-Gaza conflict could expose the region's oil and gas operations to renewed cyberattacks, with global ramifications.
View ArticleResearchers Undermine 'Windows Hello' on Lenovo, Dell, Surface Pro PCs
Biometric security on PCs isn't quite as bulletproof as you might think, as the line between sensors and host computers can be tampered with.
View ArticleQatar Cyber Agency Runs National Cyber Drills
Qatari organizations participate in cybersecurity exercises to hone their incident response plans and processes.
View ArticleWeb Shells Gain Sophistication for Stealth, Persistence
A favorite post-exploitation tool continues to gain sophistication, with one recent example adding disguised log-in pages, credential stealing, and information gathering via services such as VirusTotal.
View ArticleGenerative AI Takes on SIEM
IBM joins Crowdstrike and Microsoft is releasing AI models to cloud-native SIEM platforms.
View ArticleFake Browser Updates Targeting Mac Systems With Infostealer
A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn.
View Article