Russia-linked APT Star Blizzard targets WhatsApp accounts
Russia-linked APT Star Blizzard targets WhatsApp accounts Pierluigi Paganini January 17, 2025 The Russian group Star Blizzard targets WhatsApp accounts in a new spear-phishing campaign,…
Month: January 2025
CISA Releases Recommendations For Closing Software Understanding Gap
The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with other federal agencies, has released a comprehensive report urging a national effort to better understand…
BitMEX Fined $100 Million for Violating Bank Secrecy Act
In a significant legal development, HDR Global Trading Ltd., operating under the name BitMEX, has been fined $100 million for violating the Bank Secrecy Act.…
How Video-Based Training Drives Compliance in Cybersecurity Policies
Cybersecurity threats are becoming more sophisticated, posing significant risks to organizations of all sizes. With sensitive data and critical systems at stake, employee compliance with…
Balancing usability and security in the fight against identity-based attacks
In this Help Net Security interview, Adam Bateman, CEO of Push Security, talks about the rise in identity-based attacks, how they’re becoming more sophisticated each…
Active Directory Group Policy Bypassed To Allow NTLMv1 Authentications
Silverfort’s cybersecurity research team has uncovered a significant flaw in Microsoft’s Active Directory Group Policy that allows NTLMv1 authentication to persist despite being ostensibly disabled.…
Hackers Deploy Web Shell To Abuse IIS Worker And Exfiltrate Data
An attacker exploited a vulnerability in the batchupload.aspx and email_settings.aspx pages on the target server that allowed them to upload a malicious web shell to…
MSSqlPwner: Open-source tool for pentesting MSSQL servers
MSSqlPwner is an open-source pentesting tool tailored to interact with and exploit MSSQL servers. Built on Impacket, it enables users to authenticate with databases using…
U.S. President Issues Executive Order to Strengthen National Cybersecurity
To strengthen the nation’s defenses against cyber threats, U.S President signed an Executive Order on Thursday to enhance cybersecurity measures across federal agencies and the…
CISA Releases Guidelines For Closing Software Understanding Gap
The Cybersecurity and Infrastructure Security Agency (CISA) has released a pivotal report calling for urgent action to address the “software understanding gap.” This comprehensive document…
EU takes decisive action on healthcare cybersecurity
The Commission has presented an EU action plan aimed at strengthening the cybersecurity of hospitals and healthcare providers. The initiative is an essential step in…
European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China
Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection…