A critical security flaw (CVE-2024-56325) in Apache Pinot, a real-time distributed OLAP datastore, has been disclosed, allowing unauthenticated attackers to bypass authentication controls and gain…
A large-scale cybercrime operation dubbed “PrintSteal” has been exposed, revealing a complex network involved in the mass production and distribution of fraudulent Indian KYC documents.…
Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese espionage group, now targeting common IT solutions such as remote…
Recent research by Veriti has uncovered a disturbing trend in cybersecurity: malicious actors are increasingly leveraging cloud infrastructure to distribute malware and operate command-and-control (C2)…
HUMAN’s Satori Threat Intelligence and Research team has uncovered a complex cyberattack dubbed “BADBOX 2.0,” an evolution of the previously disclosed BADBOX operation. This sophisticated…
Trend Micro’s Managed XDR team has recently investigated a sophisticated Business Email Compromise (BEC) attack that targeted multiple business partners. The incident, which occurred over…
Zero Trust is a security framework that operates under the assumption that no implicit trust exists within a network. Every request for access must be…
Cybercriminals are evolving their phishing methods, employing more sophisticated social engineering tactics to deceive their targets. Recent findings from ESET’s APT Activity Report highlight a…
Traffic Distribution Systems (TDS) have emerged as critical tools for both legitimate and malicious purposes, serving as sophisticated redirection networks that manage traffic flow across…
Orange Cyberdefense has announced the development of InvokeADCheck, a new PowerShell module designed to streamline Active Directory (AD) assessments. Created by Niels Hofland and colleague…
Kudelski Security Research recently published an article detailing advanced methods for tracking and analyzing threat actor infrastructure, providing valuable insights into cyber attack patterns and…
Security researchers have disclosed critical Insecure Direct Object Reference (IDOR) vulnerabilities in ZITADEL’s administration interface that expose organizations to account takeover risks and unauthorized configuration changes. Tracked…
