Category: security
You really need to stop using work laptops for personal use — here’s why
New research has revealed an overwhelming majority (90%) of workers use their company-provided laptops for personal activities, potentially posing a serious cybersecurity risk. The study by ESET highlighted a substantial portion of employees also engage in risky activities using their business hardware, including viewing adult content, gambling, accessing the dark…
Read More
Crypto-linked cybercrime saw another record year as ransomware risk rises
Ransomware operators are on their way to break another record this year, if crypto inflows are any indication, new research has claimed. A report from Chainalysis says in the first half of 2024, crypto inflows reached $460 million – up from $449 million 12 months ago, representing a 2% increase…
Read More
Cybercriminals launch new malware that can completely wipe out your antivirus
Cybercriminals have been spotted using a new piece of malware designed to completely wipe out any antivirus programs the victim might have installed on their endpoint and infect them with ransomware. Researchers from Sophos have reported encountering a new utility tool designed to kill EDRs (Endpoint Detection and Response), which…
Read More
Thousands of Oracle NetSuite ERP websites found leaking private customer information
Researchers have discovered a vulnerability in Oracle Netsuite’s SuiteCommerce ecommerce platform that could allow threat actors to steal sensitive data from websites. A report from AppOmni revealed the vulnerability comes from misconfigured access controls in SuiteCommerce instances, specifically within custom record types (CRTs) – tables created by the SuiteCommerce enterprise…
Read More
This crafty ransomware uses an unusual social-engineering tactic to gain access to victim systems
Cybersecurity researchers from the Sophos X-Ops Incident Response team have observed hackers deploying an unusual social engineering tactic to gain access to victim systems and steal sensitive data. The team outlined how a new ransomware player called Mad Liberator emerged in mid-July 2024, mostly focused on data exfiltration (rather than…
Read More
GitHub rolls out new tool to fix code errors even before you see them
GitHub has announced the general availability of Copilot Autofix within its GitHub Advanced Security (GHAS) suite, designed to prevent new vulnerabilities from entering code before you even see them. The tool, announced by Chief Security Officer Mike Hanley in a blog post, will also tackle existing vulnerabilities in code, which…
Read More