Beyond Compliance: The Advantage of Year-Round Network Pen Testing

18/11/2024 0 Comments 0 tags

IT leaders know the drill—regulators and cyber insurers demand regular network penetration testing to keep the bad guys out. But here’s the thing: hackers don’t wait around for compliance schedules.

Gmail’s New Shielded Email Feature Lets Users Create Aliases for Email Privacy

18/11/2024 0 Comments 0 tags

Google appears to be readying a new feature called Shielded Email that allows users to create email aliases when signing up for online services and better combat spam. The feature

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 – Nov 17)

18/11/2024 0 Comments 0 tags

What do hijacked websites, fake job offers, and sneaky ransomware have in common? They’re proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week

NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta’s Lawsuit

18/11/2024 0 Comments 0 tags

Legal documents released as part of an ongoing legal tussle between Meta’s WhatsApp and NSO Group have revealed that the Israeli spyware vendor used multiple exploits targeting the messaging app

Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites

18/11/2024 0 Comments 0 tags

A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could grant an attacker to remotely

PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released

16/11/2024 0 Comments 0 tags

Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting its PAN-OS firewall management interface has

Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials

16/11/2024 0 Comments 0 tags

A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet’s FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity,

Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations

15/11/2024 0 Comments 0 tags

Cybersecurity researchers have shed light on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and execute malicious commands. Cybersecurity

Master Certificate Management: Join This Webinar on Crypto Agility and Best Practices

15/11/2024 0 Comments 0 tags

In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting security, customer confidence, and

Researchers Warn of Privilege Escalation Risks in Google’s Vertex AI ML Platform

15/11/2024 0 Comments 0 tags

Cybersecurity researchers have disclosed two security flaws in Google’s Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the