Category: security
70% of new hires click on phishing links within the first 3 months of employment – here’s how to stay safe
Most phishing incidents happen before new employees even understand how internal systems work, report claims Security awareness should begin on day one, before the first email is even opened Hackers target uncertainty, and onboarding is full of it for eager, confused new hires The first few months of employment are…
Read More
Thousands of organizations have a new, unexpected ’employee’ onboard – and it could be their single biggest security risk
Report warns hackers are exploiting browser agents which don’t know how to spot fake URLs A Browser AI Agent gave full Google Drive access to a malicious app without hesitation SquareX says AI agents are more vulnerable than humans to even basic cyberattacks A dramatic shift in enterprise security has…
Read More
This worrying Bluetooth security flaw could let hackers spy on your device via microphone
Security researchers found three medium-severity flaws in Bluetooth SoCs When chained, they can be used to eavesdrop on conversations, and more Patches are being developed, so be on your guard Security researchers have uncovered three vulnerabilities in a Bluetooth chipset present in dozens of devices from multiple manufacturers. The vulnerabilities,…
Read More
Insider risk on the rise as survey finds 50% of employees have too much privileged access – and AI will make it far worse
Half of employees hold excessive rights across AI and SaaS estates, CloudEagle report finds Invisible IT hides 60% of apps undermining traditional identity controls Study recommends AI governance plus just in time access and reviews Half of enterprise staff now hold excessive privileges to critical applications, new research has claimed.…
Read More
CitrixBleed 2 flaws are officially here – so get patching or leave your systems at risk
Citrix disclosed patching a critical-severity bug in Citrix NetScaler ADC and Gateway instances Independent researchers dub it “CitrixBleed 2” due to its similiarities to the 2023 flaw Users are advised to patch up ASAP Hackers are actively exploiting a critical-severity vulnerability in Citrix NetScaler ADC and Gateway instances to hijack…
Read More
China-backed “LapDogs” hackers hijacked hundreds of devices in an outlandish intel campaign aimed at US and Asian targets
ShortLeash gives hackers root-level stealth and blends malicious activity into everyday network traffic LapDogs uses fake LAPD certificates to disguise malware, bypassing even the best endpoint protection systems The malware quietly hijacks routers and devices that often go unmonitored for months A recently disclosed cyber espionage operation, dubbed LapDogs, has…
Read More