How Criminals Are Using Synthetic Identities for Fraud
Organizations must improve their cybersecurity protocols to detect fraudulent identities and make sure they're safeguarding their consumers’ personal information.
US State Dept employees’ phones hacked using NSO spyware
Apple has warned US Department of State employees that their iPhones have been hacked by unknown attackers using an iOS exploit dubbed ForcedEntry to deploy…
USB Devices the Common Denominator in All Attacks on Air-Gapped Systems
A new study of 17 malware frameworks shows threat actors always use USB drives to sneak malware into air-gapped environments…
Zoho: Patch new ManageEngine bug exploited in attacks ASAP
Business software provider Zoho urged customers today to update their Desktop Central and Desktop Central MSP installations to the latest…
An Insider’s Account of Disclosing Vulnerabilities
Vendors drag their heels when it comes to identifying software vulnerabilities and are often loath to expedite the fixes.
Develop ‘Foursight’ — Keep Your Post-COVID Transformation on Track
For IT organizations, the global health crisis didn't make meeting current and future compliance obligations easier. Here are four content…
Hackers use in-house Zoho ServiceDesk exploit to drop webshells
An advanced persistent threat (APT) group that had been exploiting a flaw in the Zoho ManageEngine ADSelfService Plus software has pivoted to…
Russian internet watchdog announces ban of six more VPN products
Russia's internet watchdog, 'Roskomnadzor', has announced the ban of six more VPN products, bringing the total number to more than…
Breaking the Black Mirror and Other Lessons From Day of Shecurity
Diversity brings more varied solutions to major challenges in cybersecurity, just as it does in every other industry.
Emotet now spreads via fake Adobe Windows App Installer packages
The notorious Emotet malware is now distributed through malicious Windows App Installer packages that pretend to be Adobe PDF software.…