Ivanti has announced the release of critical software updates aimed at addressing numerous security vulnerabilities within its Endpoint Manager (EPM) software. Among these flaws, 10 have been classified as critical, posing significant risks that could potentially lead to remote code execution. The updates are particularly crucial for users of EPM…
New Surge in Malware Infections Linked to FakeBat Loader Cybersecurity experts have reported a notable increase in malware infections attributable to malvertising campaigns that deploy a loader known as FakeBat. This malicious software targets individuals seeking popular business applications, a strategy that appears to be opportunistically designed to ensnare unsuspecting…
The perception of cybersecurity threats often conjures images of shadowy figures hunched over screens, orchestrating complex attacks from afar. While external hackers are frequently in the spotlight, internal threats, including employees or contractors, pose a significant challenge. Surprisingly, individuals within your organization can be among the most considerable risk factors…
Microsoft Addresses Critical Vulnerabilities in September 2024 Patch Tuesday Update On Tuesday, September 10, 2024, Microsoft announced the identification of three significant security vulnerabilities affecting the Windows operating system, which are now under active exploitation. This disclosure was part of the company’s monthly Patch Tuesday update, highlighting the urgent need…
In a notable lapse in operational security (OPSEC), the operator behind the Styx Stealer information theft tool inadvertently leaked sensitive details from their own computer. This data breach exposed client information, profit margins, nicknames, phone numbers, and email addresses. Styx Stealer, emerged in April 2024, is considered a variant of…
Thousands of Vastaamo Leak Victims Seek Enhanced Compensation In a significant development regarding the Vastaamo data breach, thousands of victims are actively pursuing higher compensation for the personal data exposed during the incident. This breach, which came to light in late 2020, involved the unauthorized disclosure of sensitive patient information…
Cybersecurity firm Cato Networks has published its latest findings in the Q2 2024 Cato CTRL SASE Threat Report, an in-depth analysis based on an extensive dataset of network flows—over 1.38 trillion—from more than 2,500 customers globally. This high volume of data, gathered between April and June 2024, reveals alarming trends…
Recently, Toyota has faced a significant data breach, which has resulted in the leak of an alarming 240GB of customer information. This incident underscores the growing cybersecurity threats that businesses are currently exposed to. As one of the world’s leading automotive manufacturers, Toyota has been a prime target for cybercriminals,…
Cybersecurity experts have recently uncovered a new strain of malware known as PG_MEM, specifically designed to mine cryptocurrency by exploiting vulnerabilities in PostgreSQL database instances. This malicious software employs brute-force tactics, wherein attackers repeatedly attempt to guess the database credentials, typically targeting systems with weak passwords. According to Assaf Morag,…
