Wherever There’s Ransomware, There’s Service Account Compromise. Are You Protected?
Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent...
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress."Attackers have been observed...
New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails
A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected Brazilian Portuguese-speaking threat actor."Threat...
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the...
Healthcare’s Diagnosis is Critical: The Cure is Cybersecurity Hygiene
Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave...
Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector
Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target...
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass.The...
New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide
Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a...
Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military
A Chinese national has been indicted in the U.S. on charges of conducting a "multi-year" spear-phishing campaign to obtain unauthorized access to computer software...
Why Pay A Pentester?
The evolution of software always catches us by surprise. I remember betting against the IBM computer Deep Blue during its chess match against the...
