GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages…
The Invisible Army of Non-Human Identities
The future of cybersecurity will be shaped by how well we manage the explosion of NHIs. The future of cybersecurity…
Retail CISOs Take on More Risk to Foster Innovation
CISOs in consumer and retail organizations appear to accept greater risks to allow for more innovation, which could be a…
How Hybrid Password Attacks Work and How to Defend Against Them
Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge…
IronNet Has Shut Down
After retiring in 2014 from an uncharacteristically long tenure running the NSA (and US CyberCommand), Keith Alexander founded a cybersecurity…
CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies…
New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution
GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a…
Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation
The Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world’s largest and…
EU Plans Sanctions for Cyberattackers Acting on Behalf of Russia
The European Union’s new sanctions framework will target individuals and organizations engaging in pro-Russian activities such as cyberattacks and information…
Critical Mozilla Firefox Zero-Day Allows Code Execution
The bug is already being exploited in the wild, but Firefox has provided patches for those who may be vulnerable.…
