Unpacking 2024’s SaaS Threat Predictions

05/06/2024 0 Comments 0 tags

Early in 2024, Wing Security released its State of SaaS Security report, offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year,

Chinese State-Backed Cyber Espionage Targets Southeast Asian Government

05/06/2024 0 Comments 0 tags

An unnamed high-profile government organization in Southeast Asia emerged as the target of a “complex, long-running” Chinese state-sponsored cyber espionage operation codenamed Crimson Palace. “The overall goal behind the campaign

Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan

04/06/2024 0 Comments 0 tags

Russian organizations are at the receiving end of cyber attacks that have been found to deliver a Windows version of a malware called Decoy Dog. Cybersecurity company Positive Technologies is

Telerik Report Server Flaw Could Let Attackers Create Rogue Admin Accounts

04/06/2024 0 Comments 0 tags

Progress Software has rolled out updates to address a critical security flaw impacting the Telerik Report Server that could be potentially exploited by a remote attacker to bypass authentication and

Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine

04/06/2024 0 Comments 0 tags

A new sophisticated cyber attack has been observed targeting endpoints geolocated to Ukraine with an aim to deploy Cobalt Strike and seize control of the compromised hosts. The attack chain,

The Next Generation of RBI (Remote Browser Isolation)

04/06/2024 0 Comments 0 tags

The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads,

Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers

04/06/2024 0 Comments 0 tags

Cloud computing and analytics company Snowflake said a “limited number” of its customers have been singled out as part of a targeted campaign. “We have not identified evidence suggesting this

DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks

04/06/2024 0 Comments 0 tags

Cyber attacks involving the DarkGate malware-as-a-service (MaaS) operation have shifted away from AutoIt scripts to an AutoHotkey mechanism to deliver the last stages, underscoring continued efforts on the part of

Oracle WebLogic Server OS Command Injection Flaw Under Active Attack

04/06/2024 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active

Authorities Ramp Up Efforts to Capture the Mastermind Behind Emotet

03/06/2024 0 Comments 0 tags

Law enforcement authorities behind Operation Endgame are seeking information related to an individual who goes by the name Odd and is allegedly the mastermind behind the Emotet malware.  Odd is