Cryptocurrency wallet drainers stole $494 million in 2024
Scammers stole $494 million worth of cryptocurrency in wallet drainer attacks last year that targeted more than 300,000 wallet addresses.…
Norway recommends replacing SSL VPN to prevent breaches
The Norwegian National Cyber Security Centre (NCSC) recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related…
Privilege elevation exploits used in over 50% of insider attacks
Elevation of privilege flaws are the most common vulnerability leveraged by corporate insiders when conducting unauthorized activities on networks, whether…
Oracle Enables MFA by Default on Oracle Cloud
Mandatory multifactor authentication is just the latest in Oracle's commitment to have security built-in by default into Oracle Cloud Infrastructure.
Microsoft Discloses 5 Zero-Days in Voluminous July Security Update
Fixes for more than 100 vulnerabilities affect numerous products, including Windows, Office, .Net, and Azure Active Directory, among others.
Chinese Threat Actor Abused ESXi Zero-Day to Pilfer Files From Guest VMs
Mandiant's ongoing investigation of UNC3886 has uncovered new details of threat actors' TTPs.
Microsoft Patch Tuesday, May 2023 Edition
Microsoft today released software updates to fix at least four dozen security holes in its Windows operating systems and other…
Microsoft May 2023 Patch Tuesday fixes 3 zero-days, 38 flaws
Today is Microsoft's May 2023 Patch Tuesday, and security updates fix three zero-day vulnerabilities and a total of 38 flaws.…
Microsoft Azure-Based Kerberos Attacks Crack Open Cloud Accounts
Two common attacks against on-premises Kerberos authentication servers — known as Pass the Ticket and Silver Ticket — can be…
How To Guard Critical Infrastructure Against the Sophisticated ‘Golden Ticket’ Attacks
The Powerful ‘Golden Ticket’ Attacks are Surging in Popularity – What You Need to Know By David Levine, […] The…