New NachoVPN attack uses rogue VPN servers to install malicious updates
A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall…
‘RomCom’ APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a…
Geico, Travelers Fined $11.3M for Lax Data Security
New York state regulators punish insurers after cybercriminals illegally access customer info they then used to file scam unemployment claims…
QNAP addresses critical flaws across NAS, router software
QNAP has released security bulletins over the weekend, which address multiple vulnerabilities, including three critical severity flaws that users should…
New Levels, New Devils: The Multifaceted Extortion Tactics Keeping Ransomware Alive
Having evolved from a basic premise of locking down a victim’s data with encryption, then demanding a ransom for its…
Hackers breach US firm over Wi-Fi from Russia in ‘Nearest Neighbor Attack’
Russian state hackers APT28 (Fancy Bear/Forest Blizzard/Sofacy) breached a U.S. company through its enterprise WiFi network while being thousands of…
Going Beyond Secure by Demand
Secure by Demand offers a starting point for third-party risk management teams, but they need to take the essential step…
Navigating the Complexities of AI in Content Creation and Cybersecurity
As AI technology continues to evolve, its integration into various business sectors like content creation is expanding. AI’s capabilities can…
Cross-Site Scripting Is 2024’s Most Dangerous Software Weakness
MITRE and CISA's 2024 list of the 25 most dangerous software weaknesses exposes the need for organizations to continue to…
Over 2,000 Palo Alto firewalls hacked using recently patched bugs
Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerabilities. [...]