3CX Breach Was a Double Supply Chain Compromise
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex,…
Bitsight Expands into Integrated Cyber-Risk Management
BOSTON – April 20, 2023 – Bitsight, a leader in managing and monitoring cyber risk, today...
Biden administration hiking mortgage fees for Americans with good credit to subsidize home buyers with bad credit
American home buyers who have good credit scores will be penalized in an effort by the Biden administration to achieve…
Global Spyware Attacks Spotted Against Both New & Old iPhones
Campaigns that wielded NSO Group's Pegasus against high-risk users over a six-month period demonstrate the growing sophistication and relentless nature…
3CX hack caused by trading software supply chain attack
An investigation into last month's 3CX supply chain attack discovered that it was caused by another supply chain compromise where…
Microsoft SQL servers hacked to deploy Trigona ransomware
Attackers are hacking into poorly secured and Interned-exposed Microsoft SQL (MS-SQL) servers to deploy Trigona ransomware payloads and encrypt all…
Popular Fitness Apps Leak Location Data Even When Users Set Privacy Zones
Unsophisticated attackers can pinpoint where a person lives by lifting metadata from Strava and other apps, even if they're using…
3 Flaws, 1 War Dominated Cyber-Threat Landscape in 2022
Attackers continued to favor software exploits, phishing, and stolen credentials as initial-access methods last year, as Log4j and the Russia-Ukraine…
Akamai Technologies to Acquire API Security Company Neosec
Combined solutions expected to deliver complete API visibility and security coverage across all of the OWASP API top 10 attacks.
How to Prevent 2 Common Attacks on MFA
MFA isn't immune from the tug of war between attackers and defenders.