Category: security
CISA issues advisory on Iranian brokers selling access to critical infrastructure
Iranian hackers are acting as Initial Access Brokers (IAB), selling access to critical infrastructure organizations in the West to the highest bidder. A joint security advisory recently published by the US Cybersecurity and Infrastructure Agency (CISA), together with the FBI, NSA, the Communications Security Establishment Canada (CSE), the Australian Federal…
Read More
Hundreds of thousands of CVs leaked – here’s what we know
A Singaporean remote hiring platform left a large database unprotected on the internet, accessible to anyone who knew where to look. Since the database contained plenty of sensitive information, the company has inadvertently placed hundreds of thousands of people at risk of data theft, identity theft, phishing, fraud, and more.…
Read More
Firm hacked after accidentally hiring North Korean cyber criminal
A company was hacked after hiring a fake IT professional from North Korea. It has not been clarified whether this was a deliberate cyberattack against the organization, a disgruntled former employee, or a “simple” scam. The company, which was not named, operates either in the US, UK, or Australia. It…
Read More
Critical severity flaw warning issued by CISA for SolarWinds Web Help Desk
A critical vulnerability in a SolarWinds product is being abused in the wild, and now US government agencies have a deadline to patch it or lose it. The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-28987 to its Known Exploited Vulnerabilities (KEV) catalog. When a vulnerability is added…
Read More
Microsoft issues guidance on how best to hit back against Kerberoasting AD attacks
Cybersecurity researchers from Microsoft have warned the effectiveness of a cyberattack method called Kerberoasting is growing. To help businesses engage their defenses against this attack, the company published a new blog, explaining the methodology, the risks involved, and protection guidance. According to Microsoft, the technique has grown more effective lately…
Read More
TechRadar’s top VPN now supports next-generation Snapdragon PCs
TechRadar’s tried and tested best VPN service has just unveiled support for next-generation Windows devices. Today (October 15, 2024), NordVPN released a Windows VPN app fully compatible with Surface Pro and other PCs built on ARM architecture. This release complements the provider’s existing support for ARM-based devices on macOS and…
Read More