Microsoft to Mandate Multi-Factor Authentication for All Azure Users
Microsoft has said that all Azure users will have to use multi-factor authentication (MFA) starting in July. This is a big step to make the…
Category: CyberSecurityNews
Darkgate Malware Weaponized XLSX, HTML &PDF To Attack Windows
Hackers often target XLSX, HTML, and PDF files as they are widely used, and their trustable file formats also attract them. This makes it easier…
LogRhythm and Exabeam to Merge to Boost SIEM & SOAR
LogRhythm and Exabeam, two leading cybersecurity companies, announced today their intent to merge in a transformative deal that will create a powerful force in the…
Apple Safari Zero-Day Flaw Exploited At Pwn2Own : Patch Now
Apple has released security updates to address a zero-day vulnerability in its Safari web browser that was exploited during this year’s Pwn2Own Vancouver hacking competition. …
PoC Exploit Released for Ivanti EPMM MobileIron Core
A newly disclosed vulnerability, CVE-2024-22026, has been found in Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core. This vulnerability allows a local attacker to gain…
Hackers Exploiting Quick Assist Tool To Deliver Ransomware
Hackers often target remote assist tools because they create a direct channel to access desired systems with minimum effort. These tools have been built for…
Earth Hundun Hacker Group Employs Advanced Tactics
Earth Hundun, a notable Asia-Pacific malware organization, uses Waterbear and Deuterbear. We first encountered Deuterbear in Earth Hundun’s arsenal in October 2022, signaling its implementation.…
Palo Alto Networks Buys IBM’s QRadar
Palo Alto Networks has made a significant decision to enhance its cloud security services by acquiring IBM’s QRadar cloud security assets. The acquisition will allow…
Authorities Seized Notorious Data Leak Site BreachForums
The notorious data leak site BreachForums has been taken over by the police. Cybercrime and data leaks are still being fought, but this is a…
Critical SAP NetWeaver AND CX Commerce Flaw Leads To Complete Takeover
Three vulnerabilities associated with CSS injection, file upload, and remote code execution have been discovered in the SAP Customer Experience (CX) commerce cloud and SAP…
Wireshark 4.2.5 Released – What’s New!
The Wireshark team has announced the release of Wireshark 4.2.5, a maintenance update to the popular network protocol analyzer. This new version brings important security…
Google Chrome Zero-day (CVE-2024-4947) Actively Exploited in The Wild
Google has released an emergency security update for its Chrome web browser to patch a high-severity vulnerability that is being actively exploited by attackers in…