cybersecurity

Salesforce Data Extortion Campaigns: UNC6040’s Vishing Tactics and Mitigation Strategies

Threat Intelligence

Salesforce Data Extortion Campaigns: UNC6040’s Vishing Tactics and Mitigation Strategies

Google’s Threat Intelligence team has identified a surge in social engineering attacks targeting multinational corporations through their...

Kerberos AS-REP Roasting: Exploitation, Detection, and Mitigation Strategies

Red-Team

Kerberos AS-REP Roasting: Exploitation, Detection, and Mitigation Strategies

Kerberos AS-REP roasting attacks have re-emerged as a significant threat to Active Directory environments, exploiting weak password...

Critical Authentication Bypass and RCE Vulnerabilities in HPE StoreOnce Software

CVE News

Critical Authentication Bypass and RCE Vulnerabilities in HPE StoreOnce Software

Hewlett Packard Enterprise (HPE) has issued an urgent security bulletin warning of eight vulnerabilities in its StoreOnce...

Malicious RubyGems Impersonate Fastlane to Hijack Telegram API Data

Red-Team

Malicious RubyGems Impersonate Fastlane to Hijack Telegram API Data

Two malicious RubyGems packages have been discovered masquerading as popular Fastlane CI/CD plugins, designed to intercept and...

Windows 11 Quick Machine Recovery: Automated Boot Failure Remediation

News

Windows 11 Quick Machine Recovery: Automated Boot Failure Remediation

Microsoft has introduced a new feature in Windows 11 called Quick Machine Recovery (QMR), designed to automatically...

Mozilla’s New Defense Against Cryptocurrency-Draining Firefox Extensions

News

Mozilla’s New Defense Against Cryptocurrency-Draining Firefox Extensions

Mozilla has introduced a new security mechanism designed to detect and block malicious Firefox extensions that target...

Scattered Spider: Beyond the Headlines – Tactics, Targets, and Mitigations

APT-News

Scattered Spider: Beyond the Headlines – Tactics, Targets, and Mitigations

Scattered Spider, a name that has dominated cybersecurity headlines since 2023, represents more than a traditional threat...

Tech Giants and Law Enforcement Clash Over Mobile Phone Theft Epidemic

News

Tech Giants and Law Enforcement Clash Over Mobile Phone Theft Epidemic

The escalating issue of mobile phone theft has sparked a contentious debate between technology companies like Apple...

Google Chrome to Remove Trust in Chunghwa Telecom and NetLock Certificates: Technical Impact and Mitigation

News

Google Chrome to Remove Trust in Chunghwa Telecom and NetLock Certificates: Technical Impact and Mitigation

Starting August 1, 2025, Google Chrome will no longer trust TLS certificates issued by Chunghwa Telecom (Taiwan)...

Microsoft and CrowdStrike Launch Cross-Platform Threat Actor Naming Initiative

Threat Intelligence

Microsoft and CrowdStrike Launch Cross-Platform Threat Actor Naming Initiative

Microsoft and CrowdStrike announced a joint initiative to create a unified reference system for tracking nation-state hacking...

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

CVE News

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

Technical details surrounding CVE-2025-20188, a maximum-severity arbitrary file upload vulnerability affecting Cisco IOS XE Wireless LAN Controller...

Germany Identifies Conti and TrickBot Leader: A Deep Dive into the Cybercrime Operation

APT-News

Germany Identifies Conti and TrickBot Leader: A Deep Dive into the Cybercrime Operation

The Federal Criminal Police Office of Germany (BKA) has publicly identified Vitaly Nikolaevich Kovalev, a 36-year-old Russian...

The Legal and Technical Implications of Forcing Google to Share Search Data

Cyber Laws & Regulations

The Legal and Technical Implications of Forcing Google to Share Search Data

The ongoing antitrust case against Google has reached a critical juncture, with Judge Amit Mehta expected to...

Microsoft Authenticator Password Autofill Deprecation: Migration and Security Implications

News

Microsoft Authenticator Password Autofill Deprecation: Migration and Security Implications

Microsoft has begun notifying users of its Authenticator app that the password autofill feature will be discontinued...

ConnectWise ScreenConnect Breach: Nation-State Attack Analysis and Mitigation

APT-News

ConnectWise ScreenConnect Breach: Nation-State Attack Analysis and Mitigation

ConnectWise, a leading IT management software provider, confirmed a cyberattack targeting its ScreenConnect remote access tool in...

Google Apps Script Exploited in Sophisticated Phishing Campaigns

Threat Intelligence

Google Apps Script Exploited in Sophisticated Phishing Campaigns

Threat actors are increasingly abusing Google Apps Script to host phishing pages, leveraging the platform’s trusted reputation...

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

CVE News

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

A newly identified weakness in Apple’s Safari browser enables attackers to execute fullscreen browser-in-the-middle (BitM) attacks, potentially...

US Sanctions Philippines-Based Firm Behind $200M Cyber Scam Infrastructure

Threat Intelligence

US Sanctions Philippines-Based Firm Behind $200M Cyber Scam Infrastructure

The U.S. Treasury Department has imposed sanctions on Funnull Technology, a Philippines-based company accused of facilitating cyber...

Attack Surface Mapping: How Adversaries Outpace Defenders and How to Respond

Blue-Team

Attack Surface Mapping: How Adversaries Outpace Defenders and How to Respond

Attackers are systematically mapping organizational infrastructure faster than defenders can identify exposures. According to Censys, 80% of...

Victoria’s Secret Cybersecurity Incident: Analysis and Implications for Enterprise Security

Data Breach

Victoria’s Secret Cybersecurity Incident: Analysis and Implications for Enterprise Security

Victoria’s Secret, the global lingerie retailer, took its U.S. website offline on May 28, 2025, following a...

Posts pagination

Previous 1 2 3 4 5 6 7 8 … 39 Next

cybersecurity

Salesforce Data Extortion Campaigns: UNC6040’s Vishing Tactics and Mitigation Strategies

Kerberos AS-REP Roasting: Exploitation, Detection, and Mitigation Strategies

Critical Authentication Bypass and RCE Vulnerabilities in HPE StoreOnce Software

Malicious RubyGems Impersonate Fastlane to Hijack Telegram API Data

Windows 11 Quick Machine Recovery: Automated Boot Failure Remediation

Mozilla’s New Defense Against Cryptocurrency-Draining Firefox Extensions

Scattered Spider: Beyond the Headlines – Tactics, Targets, and Mitigations

Tech Giants and Law Enforcement Clash Over Mobile Phone Theft Epidemic

Google Chrome to Remove Trust in Chunghwa Telecom and NetLock Certificates: Technical Impact and Mitigation

Microsoft and CrowdStrike Launch Cross-Platform Threat Actor Naming Initiative

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

Germany Identifies Conti and TrickBot Leader: A Deep Dive into the Cybercrime Operation

Microsoft Authenticator Password Autofill Deprecation: Migration and Security Implications

ConnectWise ScreenConnect Breach: Nation-State Attack Analysis and Mitigation

Google Apps Script Exploited in Sophisticated Phishing Campaigns

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

US Sanctions Philippines-Based Firm Behind $200M Cyber Scam Infrastructure

Attack Surface Mapping: How Adversaries Outpace Defenders and How to Respond

Victoria’s Secret Cybersecurity Incident: Analysis and Implications for Enterprise Security

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected