How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back
Attackers are increasingly using new phishing toolkits (open-source, commercial, and criminal) to execute adversary-in-the-middle (AitM) attacks.
AitM enables attackers to not just harvest credentials...
U.S. Agencies Warn of Iranian Hacking Group’s Ongoing Ransomware Attacks
U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates...
French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform
Aug 29, 2024Ravie LakshmananOnline Crime / Privacy
French prosecutors on Wednesday formally charged CEO Pavel Durov with facilitating a litany of criminal activity on...
Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability
Aug 28, 2024Ravie LakshmananVulnerability / Data Security
Fortra has addressed a critical security flaw impacting FileCatalyst Workflow that could be abused by a remote...
APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
Aug 28, 2024Ravie LakshmananCyber Attack / Vulnerability
A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote...
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave
The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while...
New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
Aug 28, 2024Ravie LakshmananPhishing Attack / Data Breach
Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages...
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
Aug 28, 2024Ravie LakshmananSoftware Security / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the...
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
Aug 28, 2024Ravie LakshmananWordPress Security / Website Protection
A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow...
Latest articles