News
ZTNAs Address Requirements VPNs Cannot. Here's Why.New!!

I recently hopped on the Lookout podcast to talk about virtual private networks (VPNs) and how they've been extended beyond their original use case of connecting remote laptops to your corporate network. Even...

Read more
News
Hackers Creating Fraudulent Crypto Tokens as Part of 'Rug Pull' ScamsNew!!

Misconfigurations in smart contracts are being exploited by scammers to create malicious cryptocurrency tokens with the goal of stealing funds from unsuspecting users. The instances of token fraud in the wild include...

Read more
News
Hackers Attempt to Exploit New SolarWinds Serv-U Bug in Log4Shell AttacksNew!!

Microsoft on Wednesday disclosed details of a new security vulnerability in SolarWinds Serv-U software that it said was being weaponized by threat actors to propagate attacks leveraging the Log4j flaws to...

Read more
News
Experts Find Strategic Similarities b/w NotPetya and WhisperGate Attacks on UkraineNew!!

Latest analysis into the wiper malware that targeted dozens of Ukrainian agencies earlier this month has revealed "strategic similarities" to NotPetya malware that was unleashed against the country's infrastructure and elsewhere in 2017. The...

Read more
News
Molerats Hackers Hiding New Espionage Attacks Behind Public Cloud InfrastructureNew!!

An active espionage campaign has been attributed to the threat actor known as Molerats that abuses legitimate cloud services like Google Drive and Dropbox to host malware payloads and for command-and-control...

Read more
News
Hackers Planted Secret Backdoor in Dozens of WordPress Plugins and ThemesNew!!

In yet another instance of software supply chain attack, dozens of WordPress themes and plugins hosted on a developer's website were backdoored with malicious code in the first half of September...

Read more
News
Critical Bugs in Control Web Panel Expose Linux Servers to RCE AttacksNew!!

Researchers have disclosed details of two critical security vulnerabilities in Control Web Panel that could be abused as part of an exploit chain to achieve pre-authenticated remote code execution on affected...

Read more
News
Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted AttacksNew!!

A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41). Kaspersky, which codenamed...

Read more
News
U.S. Sanctions 4 Ukrainians for Working with Russia to Destabilize UkraineNew!!

The U.S. Treasury Department on Thursday announced sanctions against four current and former Ukrainian government officials for engaging in "Russian government-directed influence activities" in the country, including gathering sensitive information about...

Read more
News
Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS SoftwareNew!!

Cisco Systems has rolled out fixes for a critical security flaw affecting Redundancy Configuration Manager (RCM) for Cisco StarOS Software that could be weaponized by an unauthenticated, remote attacker to execute...

Read more