Bytes of Wisdom, Bits of Security
10 Critical Network Pentest Findings IT Teams Overlook
After conducting over 10,000 automated internal network penetration tests...
Medusa Ransomware Uses Malicious Driver to Disable Anti-Malware with Stolen Certificates
The threat actors behind the Medusa ransomware-as-a-service (RaaS) operation...
UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
Threat hunters have uncovered a new threat actor named...
Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers
Regulatory compliance is no longer just a concern for...
Six Governments Likely Use Israeli Paragon Spyware to Hack IM Apps and Harvest Data
The governments of Australia, Canada, Cyprus, Denmark, Israel, and...
How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model
Cybersecurity isn’t just another checkbox on your business agenda....
Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems
Veeam has released security updates to address a critical...
YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users
YouTube videos promoting game cheats are being used to...
5 Identity Threat Detection & Response Must-Haves for Super SaaS Security
Identity-based attacks are on the rise. Attackers are targeting...
ClearFake Infects 9,300 Sites, Uses Fake reCAPTCHA and Turnstile to Spread Info-Stealers
The threat actors behind the ClearFake campaign are using...
Watch This Webinar to Learn How to Eliminate Identity-Based Attacks—Before They Happen
In today’s digital world, security breaches are all too...
Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia
The recently leaked trove of internal chat logs among...
Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
Threat actors are exploiting a severe security flaw in...
How to Improve Okta Security in Four Steps
While Okta provides robust native security features, configuration drift,...
New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking
A critical security vulnerability has been disclosed in AMI’s...
Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security
Google is making the biggest ever acquisition in its...
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
An unpatched security flaw impacting Microsoft Windows has been...
New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
Cybersecurity researchers have disclosed details of a new supply...
SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
The latest Palo Alto Networks Unit 42 Cloud Threat...
⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More
From sophisticated nation-state campaigns to stealthy malware lurking in...
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions
Malicious actors are exploiting Cascading Style Sheets (CSS), which...
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
An unpatched security flaw impacting the Edimax IC-7100 network...
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
A recently disclosed security flaw impacting Apache Tomcat has...
Malicious PyPI Packages Stole Cloud Tokens—Over 14,100 Downloads Before Removal
Cybersecurity researchers have warned of a malicious campaign targeting...
Alleged Israeli LockBit Developer Rostislav Panev Extradited to U.S. for Cybercrime Charges
A 51-year-old dual Russian and Israeli national who is...
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection
A new malware campaign has been observed leveraging social...
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
Users searching for pirated software are the target of...
Why Most Microsegmentation Projects Fail—And How Andelyn Biosciences Got It Right
Most microsegmentation projects fail before they even get off...
Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom
Cyber threats evolve daily. In this live webinar, learn...
GSMA Confirms End-to-End Encryption for RCS, Enabling Secure Cross-Platform Messaging
The GSM Association (GSMA) has formally announced support for...