A New C++ Variant of BellaCiao Malware
Dec 25, 2024Ravie LakshmananCyber Attack / Malware The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a…
Month: December 2024
New Sophisticated Attack Weaponizes Windows Defender to Bypass EDR
A sophisticated attack technique that weaponizes Windows Defender Application Control (WDAC) to disable Endpoint Detection and Response (EDR) sensors on Windows machines. WDAC, a technology…
Apache Traffic Control Vulnerability Let Attackers Inject Malicious SQL Commands
A critical SQL injection vulnerability, identified as CVE-2024-45387, has been discovered in Apache Traffic Control, a widely used open-source platform for managing large-scale content delivery…
Nokia launches new tech against Quantum Threats and Interpol welcomes Convention against Cyber Crime
Nokia and Turkcell Introduce Revolutionary Quantum-Safe IPsec Cryptography for Mobile Networks Nokia, in partnership with Turkey’s leading telecommunications provider, Turkcell, has unveiled a groundbreaking IPsec…
Top Trends in SaaS Security Testing: Safeguarding the Cloud in 2024
As Software-as-a-Service (SaaS) solutions continue to dominate the enterprise landscape, securing these cloud-based applications has become more critical than ever. With businesses increasingly relying on…
Postman Data Leak – 30,000 Publicly Accessible Workspaces Could Lead Massive Hack
Researchers uncovered a widespread and alarming trend involving data leaks from Postman, a widely used cloud-based API development and testing platform. The investigation reveals that…
Apple seeks to defend Google’s billion-dollar payments in search case – Software
Apple has asked to participate in Google’s upcoming US antitrust trial over online search, saying it cannot rely on Google to defend revenue-sharing agreements that…
Marriott and Starwood ordered to implement wide-ranging security program – Security
Marriott and Starwood Hotels & Resorts must implement a “comprehensive information security program” to settle charges filed in the US after three large data breaches.…
Microsoft works to add non-OpenAI models into 365 Copilot products – Software
Microsoft has been working on adding internal and third-party artificial intelligence models to power its flagship AI product Microsoft 365 Copilot, in a bid to…
Understanding Modern Security Postures –
Making sense of modern security postures can be challenging. In the past few years, the complexity of most IT environments has skyrocketed as organizations migrate…
It Takes a Village – and a Lot of Time – to Manage Data Security and Compliance –
For security teams, sensitive content is generally at the centre of what they need to protect in their corporate IT systems. Yet, it is often…
New botnet exploits vulnerabilities in NVRs, TP-Link routers
A new Mirai-based botnetis actively exploiting a remote code execution vulnerability that has not received a tracker number and appears to be unpatched in DigiEver DS-2105…