Caldera Open Source Security tool for critical Infrastructure
MITRE has CISA (America’s cyber defense agency) unveiled a collection of plugins designed to extend the capabilities of Caldera into the Operational Technology (OT) environment. …
Month: September 2023
9 Alarming Vulnerabilities Uncovered in SEL’s Power Management Products
Sep 06, 2023THNVulnerability / ICS Nine security flaws have been disclosed in electric power management products made by Schweitzer Engineering Laboratories (SEL). “The most severe…
CIO interview: Cynthia Stoddard, Adobe
Cynthia Stoddard joined Adobe as CIO in June 2016 and developed an IT transformation strategy that drew on a co-development approach with the rest of…
Cactus Ransomware Group Lists 5 Global Corps As Victims!
In a concerning turn of events, a relatively new ransomware group known as the Cactus ransomware group has recently added five high-profile victims to their…
Bug Bytes #210 – Zenbleed, Interview Questions, Challenge Coins and SQL Injections
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps…
Chrome 116 Update Patches High-Severity Vulnerabilities
Google on Tuesday announced the release of a Chrome 116 update that patches four high-severity vulnerabilities reported by external researchers. Tracked as CVE-2023-4761, the first…
MITRE and CISA release Caldera for OT attack emulation
MITRE and CISA release Caldera for OT attack emulation Pierluigi Paganini September 06, 2023 MITRE and CISA released a Caldera extension for OT that allows…
W3LL phishing kit hijacks thousands of Microsoft 365 accounts, bypasses MFA
A threat actor known as W3LL developed a phishing kit that can bypass multi-factor authentication along with other tools that compromised more than 8,000 Microsoft…
Blame Culture: An Organisation’s Ticking Time Bomb
An organisation’s attitudes to cybersecurity are almost as important as the steps taken to prevent such attacks. Regardless, when something does go wrong, blame culture…
AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure
AtlasVPN developers are working on a patch for an IP leak vulnerability whose details were made public by a researcher who decided to take the…
School’s Back, Cyberattack – IT Security Guru
It’s a fact that all organisations are valuable targets for cybercriminals, no matter the size of the organisation. However, some sectors are targeted more than…
How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts
Sep 06, 2023THNCyber Crime / Email Security A previously undocumented “phishing empire” has been linked to cyber attacks aimed at compromising Microsoft 365 business email…