Network SecurityFinancial sector sees 117% rise in DDoS attacks in second half of 2024Steve ZurierFebruary 11, 2025Threat actors prey on concerns banks have with online banking downtime to carry out ransom threats.
Identity‘Next level’ brute-force attack uses 2.8 million IPs to target VPNsSteve ZurierFebruary 10, 2025Bad actors target VPNs from leading brands, such as Palo Alto Networks, Ivanti, and SonicWall.
Network Security3,000 exposed ASP.NET keys could perform code injection attacksSteve ZurierFebruary 7, 2025Microsoft worries the leaked keys could be pushed into development code without modification, leaving it open to security issues.
Vulnerability ManagementLinux kernel flaw added to CISA’s exploited vulnerabilities listSteve ZurierFebruary 6, 2025Flaw could let attackers escalate privileges on popular Google Android and Pixel devices.
Network SecurityInfostealers targeting macOS jumped by 101% in second half of 2024Steve ZurierFebruary 5, 2025While infostealers are often seen as less dangerous compared with trojans, they can exfiltrate sensitive data, leading to data breaches.
Cloud Security7 cloud security startups not named WizSteve ZurierFebruary 5, 2025Wiz has dominated the cloud startup market for several years, but there are lesser-known startups that offer some very targeted cloud security products.
Vulnerability ManagementFlexibleFerret malware targets the macOS via North Korea job campaignSteve ZurierFebruary 4, 2025New malware strain a continuation of the North Korean Contagious Interview job lure campaign first described last December.
Vulnerability ManagementBackdoor in Contec CMS8000 monitors may allow faulty patient readingsSteve ZurierJanuary 31, 2025Agencies say firmware backdoor can cause an RCE, which could result in faulty readings on patients’ vital signs.
Vulnerability Management1-click RCE possible by combining vulnerabilities in Voyager PHPSteve ZurierJanuary 30, 2025Chaining the Voyager PHP flaws together could let attackers steal sensitive GitHub project files.
Vulnerability ManagementApple patches first actively exploited zero-day of 2025 on its devicesSteve ZurierJanuary 28, 2025Apple fixes multimedia flaw with improved CoreMedia memory management.
