Giant health insurer struck by ransomware didn’t have antivirus protection
The Philippine Health Insurance Corporation (PhilHealth), has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in…
Month: October 2023
Microsoft plans to kill off NTLM authentication in Windows 11
Microsoft announced earlier this week that the NTLM authentication protocol will be killed off in Windows 11 in the future. NTLM (short for New Technology LAN Manager) is…
Container Security in a GitOps Environment
GitOps is a methodology that uses Git (or other version control systems) to store all aspects of a project’s infrastructure, such as infrastructure as code…
Publisher’s Spotlight: AT&T Cybersecurity: Edge Ecosystem
Each year, the cybersecurity industry anticipates a handful of landmark research that informs the market regarding benchmarking best practices, understanding emerging trends, and innovation breakthroughs.…
Update now! Atlassian Confluence vulnerability is being actively exploited
Microsoft Threat Intelligence has revealed that it has been tracking the active exploitation of a vulnerability in Atlassian Confluence software since September 14, 2023. Microsoft…
How Ethical Hackers Are Securing Elections
Coordinated Vulnerability Disclosure (CVD) or Vulnerability Disclosure Policies (VDP) for technology are key components of a security strategy that builds trust with users and stakeholders.…
Hackers use Binance Smart Chain contracts to store malicious scripts
Cybercriminals are employing a novel code distribution technique dubbed ‘EtherHiding,’ which abuses Binance’s Smart Chain (BSC) contracts to hide malicious scripts in the blockchain. The…
OWASP ZAP 2.14.0 Released – What’s New!
OWASP ZAP is a free and open-source web application security scanner. It is designed to be utilized by expert penetration testers as well as individuals…
Pro-Russia Hackers Exploiting Winrar Flaw to Steal Credentials
A new phishing attack has been discovered, which uses malicious archive files to exploit the recently found WinRAR vulnerability CVE-2023-38831 using a Powershell script that…
Israel Hamas war deteriorates in cyber space with fake currency begging scam
Amidst the cries for freedom from the war initiated by Hamas, innocent citizens of Israel are facing a new threat in the form of heartless…
US SEC launches probe into mass MOVEit breach
The US Securities and Exchange Commission (SEC) has launched a probe into the mass breach of Progress Software’s MOVEit file transfer tool, which is now…
Telegram, AWS, & Alibaba Users Targeted in supply chain attack
A new supply-chain attack, which was active throughout September 2023, has been discovered in which threat actors used Typosquatting and Startjacking techniques to lure developers…