The Gurus spoke to Robert Hann, VP of Technical Solutions at Entrust, about the future of IT and the challenges these developments pose to security teams and business leaders globally. What do you think will be the most significant changes…
Tag: EN
SandboxAQ Strengthens Leadership in Post-Quantum Security as NIST Approves HQC Algorithm
The National Institute of Standards and Technology (NIST) has officially added HQC (Hamming Quasi-Cyclic), co-invented by SandboxAQ, to its suite of post-quantum cryptographic (PQC) standards, the company announced today. HQC becomes the fifth algorithm selected by NIST in its ongoing…
CrushFTP CEO’s feisty response to VulnCheck’s CVE for critical make-me-admin bug
Screenshot shows company head unhappy, claiming ‘real CVE is pending’ CrushFTP’s CEO is not happy with VulnCheck after the CVE numbering authority (CNA) released an unofficial ID for the critical vulnerability in its file transfer tech disclosed almost a week…
GetReal Security Raises $17.5 Million to Tackle Gen-AI Threats
GetReal Security has raised $17.5 million in series A funding to combat deepfakes, impersonation, and other AI-generated threats. The post GetReal Security Raises $17.5 Million to Tackle Gen-AI Threats appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Is Someone Lurking in The Background Waiting To Impersonate You?
Are you confident someone isn’t lurking in the background on your computer right now, gathering information and preparing to impersonate you? The era of confidently sending e-mails securely or answering… The post Is Someone Lurking in The Background Waiting To…
Former Intel CEO Pat Gelsinger Joins Venture Capital Firm
After being ‘retired’ by Intel’s board of directors, ex-CEO Pat Gelsinger has joined a VC firm, as well as board of chip tool startup This article has been indexed from Silicon UK Read the original article: Former Intel CEO Pat…
G2 Names INE 2025 Cybersecurity Training Leader
Cary, North Carolina, 27th March 2025, CyberNewsWire The post G2 Names INE 2025 Cybersecurity Training Leader first appeared on Cybersecurity Insiders. The post G2 Names INE 2025 Cybersecurity Training Leader appeared first on Cybersecurity Insiders. This article has been indexed…
PlayBoy Locker Ransomware Targets Windows, NAS, and ESXi Systems
A new ransomware strain, PlayBoy LOCKER, has been identified targeting Windows, NAS, and ESXi systems. First discovered in September 2024 as a Ransomware-as-a-Service (RaaS) offering, the malware later had its full source code put up for sale in November, potentially…
Large-Scale Phishing Campaign Targets Defense and Aerospace Companies
A recent investigation by DomainTools Investigations (DTI) has uncovered a massive phishing infrastructure targeting defense and aerospace entities, particularly those linked to the conflict in Ukraine. This sophisticated campaign involves a network of mail servers supporting domains that mimic legitimate…
NIS2: What do we know so far about the EU’s expanded cyber security regulation?
When it comes to security, potent emerging threats on the horizon are causing regulators to be more proactive than ever. For organizations, this means constant reorientation to new compliance frameworks, obligations, and risks. At the forefront of this regulatory churn…
Hackers Abuse COM Objects for Fileless Malware Lateral Movements
A sophisticated technique was recently detected by researchers where attackers abuse Component Object Model (COM) objects to execute fileless malware for lateral movement across networks. This technique, detailed in research from March 2025, leverages legitimate Windows functionality to establish persistence…
CISA Adds Sitecore CMS Code Execution Vulnerability to List of Known Exploited Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added two critical Sitecore CMS vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities, CVE-2019-9874 and CVE-2019-9875, both affect the Sitecore.Security.AntiCSRF…
NSW Online Registry Website Breach – 9,000+ Files Stolen by Hackers
In a significant cybersecurity incident, approximately 9,000 sensitive court documents have been illegally downloaded from the NSW Online Registry Website (ORW), which authorities are calling a “major data breach.” The attack has triggered an immediate investigation by the NSW Police…
Synology Mail Server Let Remote Attackers Tamper System Configurations
A moderate-severity vulnerability has been identified in Synology Mail Server. It allows remote authenticated attackers to read and write non-sensitive settings and disable certain non-critical functions. The security flaw, tracked as CVE-2025-2848, affects multiple versions of the popular mail server software and…
Threat Actors Using Powerful Cybercriminal Weapon ‘Atlantis AIO’ to Automate Credential Stuffing Attacks
Credential stuffing has emerged as one of the most pervasive and effective attack vectors in today’s cybersecurity landscape. This technique, which leverages stolen username and password combinations across multiple platforms, has been significantly enhanced through a sophisticated automation tool called…
Defense Contractor MORSE to Pay $4.6M to Settle Cybersecurity Failure Allegations
US defense contractor MORSE Corp has agreed to pay $4.6 million to settle allegations over its cybersecurity failures. The post Defense Contractor MORSE to Pay $4.6M to Settle Cybersecurity Failure Allegations appeared first on SecurityWeek. This article has been indexed…
APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware
An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India’s public sector postal system as part of a campaign designed to infect both Windows and Android users…
No MFA? Expect Hefty Fines, UK’s ICO Warns
The ICO’s Deputy Commissioner told Infosecurity that organizations that fail to implement MFA and suffer a breach can expect heavy penalties This article has been indexed from www.infosecurity-magazine.com Read the original article: No MFA? Expect Hefty Fines, UK’s ICO Warns
Massive Data Breach Hits NSW Online Registry: 9,000+ Files Stolen
A major cybersecurity incident has struck the New South Wales court system, as cybercrime detectives investigate a significant data breach affecting the Department of Communities and Justice (DCJ). The breach targeted the NSW Online Registry Website (ORW), a critical platform…
Synology Mail Server Vulnerability Enables Remote System Configuration Tampering
Synology announced the discovery and resolution of a moderate-severity vulnerability in their Mail Server, which could allow remote authenticated attackers to tamper with non-sensitive system configurations. This issue, documented under CVE-2025-2848, highlights the importance of maintaining updated software to prevent…