Alert: Apache Superset Vulnerabilities Expose Servers to Remote Code Execution Attacks

08/09/2023 0 Comments 0 tags

Patches have been released to address two new security vulnerabilities in Apache Superset that could be exploited by an attacker to gain remote code execution on affected systems. The update (version 2.1.1)

The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2024

08/09/2023 0 Comments 0 tags

By the end of 2024, the number of MSPs and MSSPs offering vCISO services is expected to grow by almost 5 fold, as can be seen in figure 1. This

Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware

08/09/2023 0 Comments 0 tags

A new malvertising campaign has been observed distributing an updated version of a macOS stealer malware called Atomic Stealer (or AMOS), indicating that it’s being actively maintained by its author. An off-the-shelf

Outlook Breach: Microsoft Reveals How a Crash Dump Led to a Major Security Breach

07/09/2023 0 Comments 0 tags

Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forging tokens to access Outlook by compromising an engineer’s corporate account. This enabled

9 Alarming Vulnerabilities Uncovered in SEL’s Power Management Products

06/09/2023 0 Comments 0 tags

Nine security flaws have been disclosed in electric power management products made by Schweitzer Engineering Laboratories (SEL). “The most severe of those nine vulnerabilities would allow a threat actor to

Three CISOs Share How to Run an Effective SOC

06/09/2023 0 Comments 0 tags

The role of the CISO keeps taking center stage as a business enabler: CISOs need to navigate the complex landscape of digital threats while fostering innovation and ensuring business continuity.

Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant

06/09/2023 0 Comments 0 tags

The Iranian threat actor tracked as APT34 has been linked to a new phishing attack that leads to the deployment of a variant of a backdoor called SideTwist. “APT34 has a

Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw

06/09/2023 0 Comments 0 tags

Google has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild. Tracked

Meta Takes Down Thousands of Accounts Involved in Disinformation Ops from China and Russia

06/09/2023 0 Comments 0 tags

Meta has disclosed that it disrupted two of the largest known covert influence operations in the world from China and Russia, blocking thousands of accounts and pages across its platform.

Researchers Warn of Cyber Weapons Used by Lazarus Group’s Andariel Cluster

06/09/2023 0 Comments 0 tags

The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. “One characteristic of