Category: EN

Beware of New Malicious PyPI packages That Steals Login Details

Two malicious Python packages, Zebo-0.1.0 and Cometlogger-0.1, were recently detected by Fortinet’s AI-driven OSS malware detection system. These packages, spotted on November 16 and November 24, 2024, respectively, represent significant threats to users by leveraging advanced malware techniques. These findings…

Read more →

Researchers Uncovered Dark Web Operation Acquiring KYC Details

A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves the systematic collection and exploitation of genuine identity documents and images.  Attackers utilize these resources to develop and sell techniques for bypassing identity verification systems,…

Read more →

2024 Cloud Security Report Fortinet

Introduction Companies are increasingly pursuing a cloud-first strategy by developing and deploying applications with the cloud in mind. With the majority of organizations adopting a hybrid or multi-cloud approach to support various use cases and work models, the attack surface…

Read more →

How modern SecOps teams use CTEM to Assess and Reduce Cyber Threats

Gartner created the Continuous Threat Exposure Management (CTEM) framework as a strategic approach to help organizations of all sizes and maturity levels address modern cybersecurity challenges by continually and consistently evaluating the accessibility, exposure, and exploitability of an enterprise’s assets.…

Read more →

Adobe ColdFusion Any File Read Vulnerability (CVE-2024-53961)

Overview Recently, NSFOCUS CERT detected that Adobe issued a security announcement and fixed any file read vulnerability in Adobe ColdFusion (CVE-2024-53961). Due to improper restrictions on pathnames in Adobe ColdFusion, unauthenticated attackers can bypass the application’s restrictions to read files…

Read more →

Service disruptions continue to blindside businesses

Service disruptions remain a critical concern for IT and business executives, with 88% of respondents saying they believe another major incident will occur in the next 12 months, according to PagerDuty. PagerDuty surveyed 1,000 IT and business executives who were…

Read more →

iOS devices more exposed to phishing than Android

The mobile threat landscape continues to grow at an alarming rate as cybercrime groups shift their tactics and target mobile devices in the early stages of their attacks, according to a recent Lookout report. The report highlights insights behind a…

Read more →

Cybersecurity spending trends and their impact on businesses

Managing cybersecurity and IT budgets is a critical element of organizational strategy. With increasing threats to data security, the rise of ransomware, and the need to protect IT infrastructure, organizations must invest wisely in cybersecurity to stay secure. This article…

Read more →

Relax with Secure Cloud-Native Solutions

What Does Securing Your Cloud-Native Solutions Mean? Cloud-native solutions are becoming more popular by the day. They are seen as the future of application development and deployment in today’s digital age. But with great innovation comes great responsibility – the…

Read more →

Drive Innovation with Enhanced Secrets Scanning

How Can Secrets Scanning Drive Innovation? Does the thought of data breaches keep you up at night? If so, you’re not alone. The modern, interconnected business landscape offers unprecedented opportunities for growth and innovation. However, it also presents new, complex…

Read more →

Apache fixed a critical SQL Injection in Apache Traffic Control

Apache Software Foundation (ASF) addressed a critical SQL Injection vulnerability, tracked as CVE-2024-45387, in Apache Traffic Control. The Apache Software Foundation (ASF) released security updates to address a critical security vulnerability, tracked as CVE-2024-45387 (CVSS score 9.9), in Traffic Control. Traffic Control…

Read more →