A Linux variant of the GoGra backdoor uses legitimate Microsoft infrastructure, relying on an Outlook inbox for stealthy payload delivery. […]
New GoGra malware for Linux uses Microsoft Graph API for comms Read More »
Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability. […]
Microsoft releases emergency patches for critical ASP.NET flaw Read More »
Cybersecurity researchers have discovered a new iteration of an Android malware family called NGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate. “The threat actors took the app, which is used to relay NFC data, and patched it with malicious code that appears to have been AI-generated,” ESET security researcher Lukáš Štefanko
NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs Read More »
Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service disruption, regulatory exposure, and brand damage. The root cause of slow MTTR is almost never “not enough analysts.” It is almost always the same structural problem:
5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time Read More »
A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. Angelo Martino, 41, of Land O’Lakes, Florida, teamed up with the operators of the BlackCat ransomware starting in April 2023 to assist the e-crime gang in extracting higher amounts as ransoms. “Working as
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023 Read More »
France Titres, the government agency in France for issuing and managince administrative documents has disclosed a data breach after a threat actor claimed the attack and stealing citizen data. […]
French govt agency confirms breach as hacker offers to sell data Read More »
Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still being abused in ongoing attacks. […]
Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks Read More »
Cybersecurity researchers have discovered a vulnerability in Google’s agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw, since patched, combines Antigravity’s permitted file-creation capabilities with an insufficient input sanitization in Antigravity’s native file-searching tool, find_by_name, to bypass the program’s Strict
Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution Read More »
The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn’t changed: stolen credentials. Identity-based attacks remain a dominant initial access vector in breaches today. Attackers obtain valid credentials through credential stuffing
No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks Read More »
Ofcom, the United Kingdom’s independent communications regulator, has launched an investigation into Telegram based on evidence suggesting it’s being used to share child sexual abuse material (CSAM). […]
UK probes Telegram, teen chat sites over CSAM sharing concerns Read More »