Rambus announced its next-generation CryptoManager Security IP solutions including Root of Trust, Hub and Core families. The CryptoManager Security IP offerings deliver progressively higher levels of functional integration and security, enabling customers to choose the level of security features and…
Category: EN
Alloy Fraud Attack Radar provides intelligence on fraud threats
Alloy launched Fraud Attack Radar, a machine learning-powered solution that provides financial institutions (FIs) and fintechs with actionable intelligence on fraud threats targeting new account creation. The new solution helps organizations address rising fraud risks by alerting in real-time when…
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution
In this blog entry, we uncovered a campaign that uses fake GitHub repositories to distribute SmartLoader, which is then used to deliver Lumma Stealer and other malicious payloads. The campaign leverages GitHub’s trusted reputation to evade detection, using AI-generated content…
Critical Veritas Vulnerability Allows Attackers to Execute Malicious Code
A critical vulnerability has been discovered in Veritas’ Arctera InfoScale product, a solution widely used for disaster recovery and high availability scenarios. The issue lies in the insecure deserialization of untrusted data in the .NET remoting endpoint, allowing attackers to…
Cybersecurity Challenges in Cross-Border Data Transfers and Regulatory Compliance Strategies
Cross-border data transfers enable global business but face challenges from varying cybersecurity laws, increasing risks of cyberattacks and data breaches. The digital revolution has enabled organizations to operate seamlessly across national boundaries, relying on cross-border data transfers to support e-commerce,…
U.S. CISA adds Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: A Vietnamese cybercrime group, tracked…
MIWIC25 – Eva Benn, Chief of Staff, Strategy – Microsoft Red Team
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected…
Ragnar Loader Employed By Multiple Ransomware Groups To Evade Detection
A sophisticated malware toolkit known as Ragnar Loader has been identified as a critical component in targeted ransomware attacks. The loader, also known as Sardonic Backdoor, serves as the primary infiltration mechanism for the Monstrous Mantis ransomware group, formerly known…
EncryptHub A Multi-Stage Malware Compromised 600 Organizations
A sophisticated cybercriminal group known as EncryptHub has successfully compromised approximately 600 organizations through a multi-stage malware campaign. The threat actor exploited operational security mistakes, inadvertently exposing critical elements of their infrastructure, which allowed researchers to map their tactics with…
Chrome Security Update – Patch for Multiple High-Severity Vulnerabilities
Google has rolled out a critical security update for its Chrome browser, addressing multiple high-severity vulnerabilities that could enable arbitrary code execution and sandbox escapes. The Stable Channel Update 134.0.6998.88/.89 for Windows and Mac, and 134.0.6998.88 for Linux, released on…
Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches
Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass authentication guarantees. The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 score of…
SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa
Maritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have become the target of an advanced persistent threat (APT) group dubbed SideWinder. The attacks, observed by Kaspersky in 2024, spread across Bangladesh, Cambodia, Djibouti, Egypt,…
Healthcare breaches expose thousands, X outage, MGM suit dropped
Four healthcare breaches expose over 560,000 records Cyber attack allegedly behind X outages Case against MGM ransomware attack dropped Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know…
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
Strengthening Data Security: Mitigating Double Extortion Ransomware Attacks
For over one month, newspaper publishing giant Lee Enterprises has been suffering the ramifications of a ransomware attack. Allegedly conducted by the Qilin ransomware group, the incident has caused ongoing disruptions to operations and significant delays to contractor and freelancer payments. …
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
Latest Chrome Update Addresses Multiple High-Risk Security Issues
Google has released a critical update for its Chrome browser, advancing the stable channel to version 134.0.6998.88 for Windows, Mac, and Linux, and 134.0.6998.89 for Windows and Mac on the Extended Stable channel. This update includes several high-priority security fixes…
Apache Tomcat Flaw Could Allow RCE Attacks on Servers
Apache Tomcat, a widely used open-source web server software, has faced numerous security vulnerabilities in recent years. Some critical issues put servers at risk of remote code execution (RCE) and other attacks. These vulnerabilities highlight the importance of keeping software…
Global Pressure Mounts for Apple as Brazilian Court Demands iOS Sideloading Within 90 Days
Apple argues sideloading threatens security, while users demand more choice. With global market pressure rising, will iOS open up to third-party apps? This article has been indexed from Security | TechRepublic Read the original article: Global Pressure Mounts for Apple…