A recent analysis has unveiled a new custom backdoor, dubbed MQsTTang, employed by the China-aligned hacking group Mustang Panda in a social engineering campaign that began in January 2023. This malware marks a departure from the group’s previously observed tactics,…
AI in Retail Crime: A Double-Edged Sword As cybercriminals increasingly leverage artificial intelligence (AI) to enhance organized retail crime (ORC) and evade detection, defenders are urged to harness similar technologies for protective measures. In a recent interview with Information Security…
Cybersecurity Update: Rising Threats and Emerging Vulnerabilities In the ever-evolving landscape of cybersecurity, unpatched systems, weak passwords, and neglected plugins serve as gateways for attackers. As supply chains intertwine deeply with the software we depend on, malware is increasingly hidden…
Google Alerts Users to Global Gmail Data Breach Risks In a recent alert, Google has issued a worldwide warning regarding a significant data breach affecting Gmail users. The tech giant is drawing attention to potential vulnerabilities that could have exposed…
Recent activity has revealed that cybercriminals are actively exploiting security vulnerabilities in GeoVision’s end-of-life Internet of Things (IoT) devices. This alarming trend is being leveraged to recruit these devices into a Mirai botnet for conducting distributed denial-of-service (DDoS) attacks. Initial…
Southeast Asian Governments Targeted in Ongoing Cyber Espionage by Sharp Panda A sophisticated cyber espionage campaign has emerged, focusing on high-profile government entities across Southeast Asia, with the Chinese threat actor known as Sharp Panda at the forefront. This activity…
Mandy Andress: Visionary Leader in Cybersecurity CISO, Elastic Mandy Andress serves as the Chief Information Security Officer (CISO) at Elastic, bringing with her a wealth of experience in information risk management and cybersecurity. Her career journey includes pivotal roles where…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reported a significant security vulnerability affecting CrushFTP, now cataloged as a Known Exploited Vulnerability following active exploitation incidents. The flaw, identified as an authentication bypass, allows unauthenticated attackers to gain control…
TransUnion Cyberattack Exposes Personal Data of 4.4 Million Consumers TransUnion, one of the United States’ primary credit reporting agencies, has reported a cyberattack that has compromised the sensitive personal information of over 4.4 million U.S. consumers. This breach, confirmed on…
SysAid IT Support Software Vulnerabilities Expose Businesses to Remote Code Execution Risks Cybersecurity experts have revealed critical security vulnerabilities in the on-premise version of SysAid IT support software, presenting significant risks for organizations using this platform. These vulnerabilities, identified as…
