MOVEit Transfer zero-day attacks: The latest info
There’s new information about the zero-day vulnerability in Progress Software’s MOVEit Transfer solution exploited by attackers and – more importantly – …
Qakbot: The trojan that just won’t go away
Qakbot (aka Qbot) – banking malware-turned-malware/ransomware distribution network – has been first observed in 2007 and is active to this day. The neverending …
New infosec products of the week: June 2, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Bitdefender, ConnectSecure, CYTRACOM, Permit.io, and PingSafe. Permit.io launches …
How defense contractors can move from cybersecurity to cyber resilience
As the world’s most powerful military and economic power, the United States also holds another, less impressive distinction: Cyber threat actors target the US more than any …
Cybercriminals use legitimate websites to obfuscate malicious payloads
According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security. “The evolution of phishing …
Despite cutbacks, IT salaries expected to rise
Despite rising labor costs, economic inflation, and companies making an effort to cut back, the salary outlook for IT professionals is positive, according to InformationWeek. …
Critical zero-day vulnerability in MOVEit Transfer exploited by attackers!
UPDATE (June 2, 2023, 05:55 a.m. ET): Check out our update on this evolving situation. A critical zero-day vulnerability in Progress Software’s enterprise managed file …
Threat actors can exfiltrate data from Google Drive without leaving a trace
Google Workspace (formerly G Suite) has a weak spot that can prevent the discovery of data exfiltration from Google Drive by a malicious outsider or insider, Mitiga …
Zyxel firewalls under attack by Mirai-like botnet
CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to …
Why organizations should adopt a cloud cybersecurity framework
The cloud is the future of enterprise architecture. It’s economical (to a degree), it’s scalable, it’s flexible and – best of all – it’s someone else’s …
Navigating cybersecurity in the age of remote work
In this Help Net Security interview, Jay Chaudhry, CEO at Zscaler, talks about connecting and securing remote employees and their devices to access organizational resources …
Phishing campaigns thrive as evasive tactics outsmart conventional detection
A 25% increase in the use of phishing kits has been recorded in 2022, according to Group-IB. The key phishing trends observed are the increasing use of access control and …