12 Ways to Protect Your Business from Hackers During Remote Work
Michelle MooreUniversity of San Diego’sSeptember 11, 2025 Remote work is here to stay, with nearly a quarter of the U.S. workforce (22%)…
Wyden Urges FTC Investigation Over Ascension Ransomware Hack
US Senator Ron Wyden of Oregon has called on the Federal Trade Commission to investigate Microsoft for cybersecurity lapses linked to…
Akira ransomware affiliates continue breaching organizations via SonicWall firewalls
Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a…
Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence
U.S. Senator Ron Wyden has called on the Federal Trade Commission (FTC) to probe Microsoft and hold it responsible for what he called "gross…
Boost Operational Resilience: Proactive Security with CORA Best Practices
On almost a monthly basis, the US Cybersecurity & Infrastructure Security Agency (CISA) publishes advisories about the latest…
Australia Warns of Ransomware Attacks Exploiting SonicWall VPN Flaw CVE-2024-40766
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued an urgent alert regarding active exploitation of…
SonicWall SSL VPN Flaw and Misconfigurations Actively Exploited by Akira Ransomware Hackers
Threat actors affiliated with the Akira ransomware group have continued to target SonicWall devices for initial access. Cybersecurity firm…
Ukrainian Ransomware Fugitive Added to Europe’s Most Wanted
A 28-year-old Ukrainian has been added to a list of Europe’s most wanted fugitives for alleged participation in LockerGoga ransomware attacks.…
LNER Reveals Supply Chain Attack Compromised Customer Information
The operator of one of the UK’s busiest rail lines has admitted that an unauthorized third party has accessed customer details via a supplier.…
Vulnerability Management – common understanding and language enable teamwork
Part of a series This Blog post is part of the series Vulnerability Management Series: 3D (Definition, Deep-Dive, and Difficulties) Part 1…
ACSC Warns Of Sonicwall Access Control Vulnerability Actively Exploited In Attacks
The Australian Cyber Security Centre (ACSC) has issued a critical alert regarding a severe access control vulnerability in…
Microsoft Copilot to Be Powered by Two AIs: OpenAI and Now Anthropic
Ddos September 11, 2025 The Information has reported that Microsoft is preparing to announce, within the coming weeks, the integration of…
Beyond Cobalt Strike: A New Open-Source Hacking Tool Is on the Rise
Ddos September 11, 2025 Researchers at Palo Alto Networks’ Unit 42 have published a report detailing the rise of AdaptixC2, an open-source…
ACSC Warns of Active Exploitation of SonicWall SSL VPN Vulnerability (CVE-2024-40766)
Ddos September 11, 2025 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued an alert on the active…
CVE-2025-58063: CoreDNS Vulnerability Could Disrupt DNS Updates
Ddos September 11, 2025 The CoreDNS project has disclosed a vulnerability in its etcd plugin, tracked as CVE-2025-58063 (CVSS 7.1), which…
Akira ransomware crims abusing trifecta of SonicWall security holes for extortion attacks
Affiliates of the Akira ransomware gang are again exploiting a critical SonicWall vulnerability abused last summer, after a suspected zero-day…
More Than Sales… How Brokers Can Play a Critical Role in Strengthening the USA’s National Cybersecurity
As cyber threats continue to rise, enterprises can rely on unexpected allies for support: their insurance brokers. Brokers are not only able…
KillSec Ransomware Hits Brazilian Healthcare IT Vendor
A ransomware attack claimed by the group KillSec has disrupted MedicSolution, a software provider serving Brazil’s healthcare sector. On…
Using Artificial Intelligence for Strengthening Email Security
Today, email-based attacks are increasingly sophisticated, however artificial intelligence (AI) can offer vital defense. With AI use,…
September 2025 Patch Tuesday: Two Publicly Disclosed Zero-Days and Eight Critical Vulnerabilities Among 84 CVEs
Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month’s patches address two publicly…
Ransomware Payments Plummet in Education Amid Enhanced Resiliency
Ransomware demands and payments have plummeted in the education sector in the past year amid improved resilience and recovery capabilities,…
Apple’s “Most Significant Upgrade” to iPhone Security Is Here
Ddos September 10, 2025 Apple Security Engineering and Architecture (SEAR) has unveiled Memory Integrity Enforcement (MIE), an always-on,…
Malicious npm Code Reached 10% of Cloud Environments
Security experts have warned that a newly discovered supply chain attack targeting npm packages is still active and may already have…
Windows BitLocker Vulnerability Let Attackers Elevate Privileges
Microsoft has addressed two significant elevation of privilege vulnerabilities affecting its Windows BitLocker encryption feature. The flaws,…
NVIDIA’s Newest Acquisition: The AI Programming Startup That’s Set to Reshape Development
Ddos September 10, 2025 NVIDIA has recently acquired Solver, an AI programming startup founded in 2022, as part of its strategy to strengthen…
Apple Watch Series 11: A New Era of Health and Connectivity
Ddos September 10, 2025 Apple has officially unveiled the Apple Watch Series 11, now equipped with a more scratch-resistant display glass, 5G…
Microsoft Patch Tuesday, September 2025 Edition
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no…
Innovator Spotlight: Straiker
The AI Security Frontier: Protecting Tomorrow’s Digital Landscape Cybersecurity leaders are facing an unprecedented challenge. As…
As hackers exploit one high-severity SAP flaw, company warns of 3 more
SecurityBridge warned that CVE-2025-42957 allowed hackers with minimal system rights to mount “a complete system compromise with minimal…
Innovator Spotlight: Xcape
Continuous Vulnerability Management: The New Cybersecurity Imperative Security leaders are drowning in data but starving for actionable…
Exploring Key Technology Trends for 2024
Fast forward to today, and the importance of staying current with the latest tech trends can’t be overstated – it’s the…
Critical Ivanti Endpoint Manager Vulnerabilities Let Attackers Execute Remote Code
Ivanti has released security updates to address two high-severity vulnerabilities in its Endpoint Manager (EPM) software that could allow…
Zoom Security Update – Patch for Multiple Vulnerabilities in Clients for Windows and macOS
Zoom released a security update addressing multiple vulnerabilities in its software, including Zoom Workplace and various clients for Windows…
Salty2FA Phishing Kit Unveils New Level of Sophistication
A phishing campaign leveraging the Salty2FA kit has been uncovered by cybersecurity researchers, revealing advanced techniques that highlight…
Software Supply Chain Attacks
In today’s rapidly evolving business landscape, software supply chain attacks are becoming increasingly common—and more…
Open Source Community Thwarts Massive npm Supply Chain Attack
A potential npm supply chain disaster was averted in record time after attackers took over a verified developer’s credentials. On September 8,…
SAP Patch Tuesday: Key Vulnerabilities in September 2025
The September 2025 SAP Patch Tuesday brings a critical batch of security updates addressing a diverse portfolio of vulnerabilities across…
Chinese Cyber Espionage Campaign Impersonates US Congressman
US lawmakers have accused the Chinese government of being behind a cyber espionage campaign that impersonated a prominent Congressman. The…
Chinese Salt Typhoon and UNC4841 Hackers Teamed Up to Attack Government and Corporate Infrastructure
Cybersecurity researchers began tracking a sophisticated campaign in the closing months of 2024, targeting both government and corporate…
Salesloft: GitHub Account Breach Was Ground Zero in Drift Campaign
A major data theft campaign targeting Salesforce data via the Salesloft Drift app began after threat actors compromised a key GitHub account,…
Innovator Spotlight: Seraphic
Reinventing Browser Security for the Enterprise The Browser: Enterprise’s Biggest Blind Spot On any given day, the humble web browser is…
Innovator Spotlight: Darwinium
The Digital Battlefield: How AI is Reshaping Cybersecurity and Fraud Prevention Crocodiles aren’t the only predators lurking in the…