Hackers Abuse EDR Free Trials to Bypass Endpoint Protection
Cybersecurity researchers have uncovered a concerning new attack vector where threat actors are exploiting free trials of endpoint detection and response (EDR) software to disable…
Month: August 2025
It’s time to sound the alarm on water sector cybersecurity
A cyberattack on a water facility can put entire communities and businesses at risk. Even a short disruption in clean water supply can have serious…
Microsoft Upgrades .NET Bounty Program, Offers Rewards Up to $40,000
Microsoft has announced significant enhancements to its .NET Bounty Program, introducing expanded coverage, streamlined award structures, and substantially increased financial incentives for security researchers. The…
Review: CISA Certified Information Systems Auditor Practice Tests
CISA Certified Information Systems Auditor Practice Tests offers practical, domain-by-domain prep for the CISA exam, with hundreds of questions covering key objectives and real-world systems…
Over 17,000 SharePoint Servers Found Exposed Online — 840 Vulnerable to Active 0-Day Attacks
A significant cybersecurity crisis has emerged with the discovery of over 17,000 Microsoft SharePoint servers exposed to internet-based attacks, including 840 systems vulnerable to a…
Security gaps still haunt shared mobile device use in healthcare
Shared mobile devices are becoming the standard in hospitals and health systems. While they offer cost savings and workflow improvements, many organizations are still struggling…
Infosec products of the month: July 2025
Here’s a look at the most interesting products from the past month, featuring releases from: Akeyless, At-Bay, Barracuda Networks, Bitdefender, Cynomi, Darwinium, DigitalOcean, Immersive, Lepide,…
First AI-Powered Malware LAMEHUG Attacking Organizations With Compromised Official Email Account
The cybersecurity landscape has witnessed a groundbreaking and concerning development with the emergence of LAMEHUG, the first publicly documented malware to integrate artificial intelligence capabilities…
Department of Education eyes 10-year tech uplift to tackle legacy risks
The Department of Education is in the early stages of developing a 10-year digital investment strategy aimed at modernising its “complex ICT architecture of legacy…
Silver Fox Hackers Using Weaponized Google Translate Tools to Deploy Windows Malware
A sophisticated malware campaign has emerged targeting unsuspecting users through weaponized versions of popular online tools, particularly Google Translate interfaces. The Silver Fox threat actors…
NIST releases Second Public Draft for Supply Chain Traceability
The NIST National Cybersecurity Center of Excellence (NCCoE) has released a second public draft of NIST Internal Report 8536, Supply Chain Traceability: Manufacturing Meta-Framework for public comment.…
Unit 42 Unveils Attribution Framework to Classify Threat Actors Based on Activity
Palo Alto Networks’ Unit 42 threat research team has introduced a groundbreaking systematic approach to threat actor attribution, addressing longstanding challenges in cybersecurity intelligence analysis.…