China’s UNC5337 Exploits a Critical Ivanti RCE Bug, Again
New year, same story. Despite Ivanti's commitment to secure-by-design principles, Chinese threat actors are exploiting its edge devices for the…
Threat Actors Exploit a Critical Ivanti RCE Bug, Again
New year, same story. Despite Ivanti's commitment to secure-by-design principles, threat actors — possibly the same ones as before —…
Raccoon Stealer malware operator gets 5 years in prison after guilty plea
Ukrainian national Mark Sokolovsky was sentenced today to five years in prison for his involvement in the Raccoon Stealer malware…
Bitfinex hacker gets 5 years in prison for 120,000 bitcoin heist
A hacker responsible for stealing 119,754 Bitcoin in a 2016 hack on the Bitfinex cryptocurrency exchange was sentenced to five…
Solving the painful password problem with better policies
Weak and reused credentials continue to plague users and organizations. Learn from Specops software about why passwords are so easy…
‘Midnight Blizzard’ Targets Networks With Signed RDP Files
The Russian-backed group is using a novel access vector to harvest victim data and compromise devices in a large-scale intelligence-gathering…
Recurring Windows Flaw Could Expose User Credentials
Now a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before.
New Windows Driver Signature bypass allows kernel rootkit installs
Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully…
Why Legacy MFA is DOA
Multi-Factor Authentication (MFA) has long been heralded as a cornerstone of secure digital practices. However, the traditional forms of MFA,…
Hitachi Energy Vulnerabilities Plague SCADA Power Systems
The company has assessed four of the five disclosed vulnerabilities as being of high to critical severity.