Yearly Archives: 2024
Lazarus Group tricks developers to load malware via fake recruiting tests
New malicious software packages tied to the North Korean Lazarus Group were observed posing as a Python coding skills test for develope...
Southeast Asia targeted by new Crimson Palace attack clusters
More extensive compromise of Southeast Asian government organizations have been conducted by three China-linked threat clusters as part...
Funding round pulls in $15M for P0 Security
Such newly secured funds would be allocated toward bolstering engineering and go-to-market teams, according to P0 Security, which offer...
Novel PIXHELL attack could expose air-gapped computer data
Without the need for specialized audio equipment to conduct PIXHELL, threat actors could leverage social engineering and software suppl...
OT environments impacted by unrestricted remote access tool utilization
At least four remote access tools have been implemented across the operational technology environments of 55% of organizations, some of...
Free Russia Foundation breach under probe
U.S.-based nonprofit and nongovernmental advocacy organization Free Russia Foundation has launched an investigation into a breach of it...
Misconfiguration exposes MNA Healthcare data
Cybernews reports that U.S. healthcare recruitment firm MNA Healthcare had information from 14,000 doctors' accounts, 11,000 hospitals,...
Maximum severity Ivanti EPM flaw patched
Fixes have been issued by Ivanti for a maximum severity flaw impacting its Endpoint Management software, tracked as CVE-2024-29847, whi...
Microsoft fixes at least four zero-days in September Patch Tuesday
Microsoft patched 79 bugs for administrators to install this month.The latest addition of the Patch Tuesday release includes fixes for ...
Reinventing cyber resilience with AI
It's still early days for the use of commercial-grade artificial intelligence (AI) in enterprises. But AI has already helped companies ...