Critical Vulnerability Discovered in BeyondTrust Products BeyondTrust has announced a significant security vulnerability affecting its Privileged Remote Access (PRA) and Remote Support (RS) products. This flaw, designated as CVE-2024-12356 and assigned a high CVSS score of 9.8, poses a serious risk of arbitrary command execution, potentially allowing unauthenticated attackers to…
Recent insights from cybersecurity researchers have provided a deeper understanding of the Qakbot banking trojan’s methods for embedding encrypted configuration data into the Windows Registry. This malware, also known by other aliases including QBot, QuackBot, and Pinkslipbot, has been present since 2007, initially designed for information theft but evolving to…
Recent investigations by Adlumin have uncovered that the Play ransomware strain is now available as a ransomware-as-a-service (RaaS) model, significantly altering the landscape of cyber threats. This shift allows various cybercriminals to utilize the ransomware by following detailed, step-by-step instructions provided with their purchase. According to Adlumin’s report, the marked…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Symantec Identifies Potential Supply Chain Attack Anviksha More (AnvikshaMore) • October 15, 2025 The border crossing between China and Russia, near Manzhouli. (Image: B.Panupong/Shutterstock) Recent findings from cybersecurity firm Symantec reveal that suspected hackers linked to the Chinese government have breached the…
UK’s Capita Fined $19 Million for 2023 Cyber Breach In a significant enforcement action this week, British multinational outsourcing and professional services company Capita has been issued a large fine totaling $19 million due to a cyber breach that occurred earlier in 2023. This incident has raised alarms about the…
ActiveState Unveils Enhanced Platform to Address Open Source Security Challenges ActiveState, a prominent player in the open source management space, has announced the launch of a new end-to-end platform designed to tackle the complexities of managing open source software within large enterprises. With nearly a decade’s experience in supporting organizations…
Recent intelligence reveals that operators linked to the Lazarus group’s BlueNoroff sub-group have orchestrated a series of cyberattacks targeting small and medium-sized enterprises across the globe. The objective of these attacks is to siphon cryptocurrency assets, marking a significant maneuver by this recognized North Korean state-sponsored actor. Kaspersky, a prominent…
Alternative iPhone VPNs Evaluated Surfshark: Surfshark emerged as a notable contender among VPN services. Its Starter plan includes useful features, notably a masked email generator, alongside standard offerings such as ad and tracker blocking and unlimited simultaneous connections. However, the service exhibited slightly slower speeds, averaging around a 20% reduction,…
Ambitious Employees Tout New AI Tools, Overlook Significant SaaS Security Risks As organizations increasingly adopt AI technologies, IT security teams, including Chief Information Security Officers (CISOs), face challenges reminiscent of earlier shadow IT concerns related to Software as a Service (SaaS). Employees are discreetly integrating AI applications into their workflows…
