PCI Compliance Is Not Just A Checkbox It’s A Live-Fire Security Test
Most executives still treat PCI DSS like paperwork something to file away after a quarterly scan. But that mindset is dangerous. PCI compliance isn’t just…
Category: CyberSecurityNews
New T1555.003 Technique Let Attackers Steal Passwords From Web Browsers
A sophisticated credential theft technique, identified as T1555.003 in the MITRE ATT&CK framework, has emerged as a significant threat to organizations worldwide. This technique enables…
Ransomware Groups Allegedly Breach IT Networks, Stealing Data from UK Retailers
A notorious ransomware group dubbed DragonForce has claimed responsibility for a series of cyber attacks targeting major UK retailers, with Co-op now confirming a significant…
RomCom RAT Attacking UK Organizations Via Customer Feedback Portals
A sophisticated Remote Access Trojan (RAT) dubbed “RomCom” has emerged as a significant threat targeting UK organizations through their customer feedback portals. Cybersecurity experts have…
Hackers Attacking HR Departments with Fake Resumes That Drop More_eggs Malware
A sophisticated cyber campaign targeting corporate human resources departments has been uncovered, with attackers exploiting the routine practice of opening job application attachments to deploy…
Hackers Weaponized 21 Apps to Gain Full Control of Ecommerce Servers
Security researchers have recently uncovered a sophisticated supply chain attack targeting ecommerce platforms through 21 widely-used applications. The backdoor, which remained dormant for six years…
Critical Microsoft Telnet 0-Click Vulnerability Exposes Windows Credentials
A critical vulnerability in Microsoft Telnet Server enables attackers to bypass authentication completely, potentially gaining administrator access without valid credentials. Organizations running legacy Windows systems…
New SonicBoom Attack Allows Bypass of Authentication for Admin Access
A critical new attack chain, dubbed “SonicBoom,” that enables remote attackers to bypass authentication and seize administrative control over enterprise appliances, including SonicWall Secure Mobile…
Critical Webmin Vulnerability Let Remote Attackers Escalate Privileges to Root-Level
A critical security vulnerability in Webmin, a widely-used web-based system administration tool, has been discovered, allowing remote attackers to escalate privileges and execute code with…
Microsoft to Block Emails With 550 5.7.15 Access denied Error
In a notable development that will affect numerous businesses globally, Microsoft has announced that it will commence the rejection of emails that do not adhere…
Apache Parquet Java Vulnerability Let Attackers Execute Arbitrary Code
A new critical security vulnerability in Apache Parquet Java has been disclosed that could allow attackers to execute arbitrary code through specially crafted Parquet files.…
Threat Actors Bypass MFA Using AiTM Attack via Reverse Proxies
Multi-factor authentication (MFA) has long been touted as a robust security measure against phishing attacks, but sophisticated threat actors have developed new techniques to circumvent…