Blog
How Ransomware Groups Weaponize Stolen Data
Ransomware groups are increasingly weaponizing stolen data to pressure victims into paying. They analyze data to maximize damage and create opportunities for extortion, targeting business leaders and employees for blame.
How Ransomware Groups Weaponize Stolen Data
Ransomware groups are increasingly weaponizing stolen data to pressure victims into paying. They analyze data to maximize damage and create opportunities for extortion, targeting business leaders and employees for blame.
Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers
Zyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized commands. Tracked as CVE-2024-7261 (CVSS score: 9.8), the vulnerability has been...
Damn Vulnerable UEFI: Simulate Real-world Firmware Attacks
DVUEFI was created to assist ethical hackers, security researchers, and firmware enthusiasts in beginning their journey into UEFI firmware security by providing examples to explore potential vulnerabilities.
The New Effective Way to Prevent Account Takeovers
Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A...
Swan Bitcoin Alerts Users of Phishing Emails Carrying Fake Data Breach Notice
Swan Bitcoin CEO Cory Klippsten has warned users about phishing emails targeting the platform's users. The scam involves fake "Data Breach Notice" emails, possibly linked to the Klaviyo and HubSpot data breaches in 2022.
Keeping up With Automated Threats is Becoming Harder
Automated threats are increasingly difficult to keep up with, with 98% of organizations attacked by bots experiencing revenue loss, according to Kasada. Web scraping and account fraud are the primary threats causing revenue losses.
Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database
The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an "illegal database...
Spoofed GlobalProtect Used to Deliver Unique WikiLoader Variant
A new malware campaign is spoofing Palo Alto Networks' GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign.
Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack
A new malware campaign is spoofing Palo Alto Networks' GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign. The malvertising activity, observed in June 2024, is a departure...
FREE GUIDE