SaaS Apps Present an Abbreviated Kill Chain for Attackers
Black Hat presentation reveals adversaries don’t need to complete all seven stages of a traditional kill chain to achieve their…
Automated Security Validation: One (Very Important) Part of a Complete CTEM Framework
The last few years have seen more than a few new categories of security solutions arise in hopes of stemming…
Critical AWS Vulnerabilities Allow S3 Attack Bonanza
Researchers at Aqua Security discovered the “Shadow Resource” attack vector and the “Bucket Monopoly” problem, where threat actors can guess…
New Phishing Scam Uses Google Drawings and WhatsApp Shortened Links
Cybersecurity researchers have discovered a novel phishing campaign that leverages Google Drawings and shortened links generated via WhatsApp to evade…
Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities
Microsoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade…
Unlock the Future of Cybersecurity: Exclusive, Next Era AI Insights and Cutting-Edge Training at SANS Network Security 2024
The Immersive Experience Happening This September in Las Vegas!In an era of relentless cybersecurity threats and rapid technological advancement, staying…
Critical Security Flaw in WhatsUp Gold Under Active Attack – Patch Now
A critical security flaw impacting Progress Software WhatsUp Gold is seeing active exploitation attempts, making it essential that users move…
FBI and CISA Warn of BlackSuit Ransomware That Demands Up to $500 Million
The ransomware strain known as BlackSuit has demanded as much as $500 million in ransoms to date, with one individual…
Hazy Issue in Entra ID Allows Privileged Users to Become Global Admins
Invisible authentication mechanisms in Microsoft allow any attacker to escalate from privileged to super-duper privileged in cloud environments, paving the…
Monitoring Changes in KEV List Can Guide Security Teams
The number of additions to the Known Exploited Vulnerabilities catalog is growing quickly, but even silent changes to already-documented flaws…
