WordPress custom field plugin bug exposes over 1M sites to XSS attacks
Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are…
Mastering Patch Management: 10 Essential Best Practices for Optimal Security
What is patch management and why is it important? Software development is a continuous process, whether it involves creating a…
Legitimate Software Abuse: A Disturbing Trend in Ransomware Attacks
Build a culture of security so that everyone is on the lookout for suspect behavior. Implement least privilege, improve visibility.
Hackers use fake ‘Windows Update’ guides to target Ukrainian govt
The Computer Emergency Response Team of Ukraine (CERT-UA) says Russian hackers are targeting various government bodies in the country with malicious…
Hackers target vulnerable Veeam backup servers exposed online
Veeam backup servers are being targeted by at least one group of threat actors known to work with multiple high-profile…
Hackers swap stealth for realistic checkout forms to steal credit cards
Hackers are hijacking online stores to display modern, realistic-looking fake payment forms to steal credit cards from unsuspecting customers. [...]
Linux version of RTM Locker ransomware targets VMware ESXi servers
RTM Locker is the latest enterprise-targeting ransomware operation found to be deploying a Linux encryptor that targets virtual machines on…
Building a Better SBOM
Generating an SBOM is easy. It's generating one that's comprehensive and accurate that's hard.
The Week in Ransomware – April 21st 2023 – Macs in the Crosshairs
A lot of news broke this week related to ransomware, with the discovery of LockBit testing macOS encryptors to an…
Play ransomware gang uses custom Shadow Volume Copy data-theft tool
The Play ransomware group has developed two custom tools in .NET, namely Grixba and VSS Copying Tool, which it uses…