LATEST ARTICLES

Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration

A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA) a zero-day to perform a series of...

5 Steps to Boost Detection and Response in a Multi-Layered Cloud

The link between detection and response (DR) practices and cloud security has historically been weak. As global organizations increasingly adopt cloud environments, security strategies...

Supply Chain Attacks Exploit Entry Points in Python, npm, and Open-Source Ecosystems

Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust...

THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 – Oct 13)

Hey there, it's your weekly dose of "what the heck is going on in cybersecurity land" – and trust me, you NEED to be...

Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware

Threat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware.Cybersecurity vendor Sophos...

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a...

FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation

The U.S. Department of Justice (DoJ) has announced arrests and charges against several individuals and entities in connection with allegedly manipulating digital asset markets...

GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks

A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to...

How Hybrid Password Attacks Work and How to Defend Against Them

Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to...

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5...