Category Security

Mar 08, 2024NewsroomVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The…

AI laboratories will be compelled to disclose their development of general-purpose AI as governments look to have more oversight over this rapidly evolving technology. This is according to AI scientist Inma Martinez, chair of the Multi-stakeholder Experts Group at Global…

A sophisticated cyber-espionage campaign by the China-aligned APT group Evasive Panda (also known as BRONZE HIGHLAND and Daggerfly) has been observed targeting Tibetans across various countries and territories.  The operation, which has been ongoing since at least September 2023, exploits…

If you have been optimistically daydreaming that losses attributed to cybercrime might have reduced in the last year, it’s time to wake up. The FBI’s latest annual Internet Crime Complaint Center (IC3) report has just been published and makes for…

Cybersecurity researchers have uncovered a new cyber-threat involving fraudulent Skype, Google Meet and Zoom websites aimed at spreading malware.  The campaign, uncovered in December 2023 by Zscaler’s ThreatLabz, saw perpetrators distributing the SpyNote remote access Trojan (RAT) to Android users…

Mar 07, 2024NewsroomCyber Espionage / Software Security The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023. The end of the attacks is to deliver malicious…

Ransomware losses in the US surged to $59.6m in 2023, a 74% rise on the previous year’s reported figure of $34.4m, according to the FBI’s Internet Crime Report 2023. This figure was calculated from 2825 ransomware incidents reported to the…

Mar 07, 2024NewsroomVulnerability / Web Security Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which take the form of distributed brute-force attacks, “target WordPress websites from the…

A Chinese national who used to work at Google has been charged with stealing intellectual property from the tech giant connected to its work on artificial intelligence (AI). Linwei Ding (aka Leon Ding) was charged with four counts of “theft…

In today’s rapidly evolving SaaS environment, the focus is on human users. This is one of the most compromised areas in SaaS security management and requires strict governance of user roles and permissions, monitoring of privileged users, their level of…