NKAbuse Malware Attacking Linux Desktops & Corn Persistence
Threat actors target Linux systems due to their prevalence in server environments, and cron jobs offer a discreet means of maintaining unauthorized access over an…
Month: December 2023
WordPress hosting service Kinsta targeted by Google phishing ads
WordPress hosting provider Kinsta is warning customers that Google ads have been observed promoting phishing sites to steal hosting credentials. Kinsta says the phishing attacks…
Qbot malware returns in campaign targeting hospitality industry
The QakBot malware is once again being distributed in phishing campaigns after the botnet was disrupted by law enforcement over the summer. In August, a…
What to do when receiving unprompted MFA OTP codes
Receiving an unprompted one-time passcode (OTP) sent as an email or text should be a cause for concern as it likely means your credentials have…
Rhadamanthys Stealer malware evolves with more powerful features
The developers of the Rhadamanthys information-stealing malware have recently released two major versions to add improvements and enhancements across the board, including new stealing capabilities…
MongoDB investigates a cyberattack, customer data exposed
MongoDB investigates a cyberattack, customer data exposed Pierluigi Paganini December 17, 2023 MongoDB on Saturday announced it is investigating a cyberattack that exposed customer account…
InfectedSlurs botnet targets QNAP VioStor NVR vulnerability
InfectedSlurs botnet targets QNAP VioStor NVR vulnerability Pierluigi Paganini December 17, 2023 The Mirai-based botnet InfectedSlurs was spotted targeting QNAP VioStor NVR (Network Video Recorder)…
Enhancing Security With Strategic Threat Intelligence
As we reflect on the transformative year of 2023 in the cybersecurity domain, we gather invaluable insights from industry experts who have been at the…
Week in review: Apache Struts vulnerability exploit attempt, EOL Sophos firewalls get hotfix
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: SCS 9001 2.0 reveals enhanced controls for global supply chainsIn…
Paychex CISO Discusses Unique Data Protection Challenges
In an interview with The Cyber Express, Bradley J. Schaufenbuel, VP and Chief Information Security Officer at Paychex, shared insights into his nuanced approach to…
VPN Risk Report
Overview Traditionally, Virtual Private Networks (VPNs) have facilitated basic remote access. The rapid growth in the distributed workforce and increasing adoption of cloud technologies are…
MongoDB Suffers Security Breach, Exposing Customer Data
Dec 17, 2023NewsroomCyber Attack / Data Security MongoDB on Saturday disclosed it’s actively investigating a security incident that has led to unauthorized access to “certain”…