The Scattered Spider gang has started to steal data from software-as-a-service (SaaS) applications and establish persistence through creating new virtual machines.…
Critical infrastructure is facing increasingly disruptive threats to physical processes, while thousands of devices are online with weak authentication and…
A proof-of-concept (PoC) exploit for a Veeam Backup Enterprise Manager authentication bypass flaw tracked as CVE-2024-29849 is now publicly available, making…
CISO Corner: Apple’s AI Privacy Promises; CEOs in the Hot Seat
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also…
Scattered Spider hackers switch focus to cloud apps for data theft
The Scattered Spider gang has started to steal data from software-as-a-service (SaaS) applications and establish persistence through creating new virtual machines.…
New York Times warns freelancers of GitHub repo data breach
The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and…
Pakistani Hacking Team ‘Celestial Force’ Spies on Indian Gov’t, Defense
Against a backdrop of political conflict, a years-long cyber espionage campaign in South Asia is coming to light.
Rockwell’s ICS Directive Comes As Critical Infrastructure Risk Peaks
Critical infrastructure is facing increasingly disruptive threats to physical processes, while thousands of devices are online with weak authentication and…
RansomHub Brings Scattered Spider Into Its RaaS Fold
The threat group behind breaches at Caesars and MGM moves its business over to a different ransomware-as-a-service operation.
Forced-Labor Camps Fuel Billions of Dollars in Cyber Scams
Greater collaboration between financial and law enforcement officials is needed to dismantle cybercrime scam centers in Cambodia, Laos, and Myanmar,…
Applied Human Threat Management in Cyber Industry
By Milica D. Djekic The high-tech industry is an extremely emerging environment dealing with the sophisticated and skilled workforce that…
A Look at the Riskiest Connected Devices of 2024
VoIP gear, hypervisors, medical equipment, building automation, printers, and more pose broad risk to organizations, with many facing danger from…
Exploit for critical Veeam auth bypass available, patch now
A proof-of-concept (PoC) exploit for a Veeam Backup Enterprise Manager authentication bypass flaw tracked as CVE-2024-29849 is now publicly available, making…