Cozy Bear (APT29) Constant presences
Alongside Cozy Bear, other groups like APT28 (Fancy Bear), Voodoo Bear, Primitive Bear, and Venomous Bear employ advanced tactics to infiltrate and extract data from their targets.
Latest updates and hand-picked resources.
Microsoft has introduced a new in-browser protection feature for Microsoft Defender for Cloud Apps. This update is designed to strengthen security by offering real-time monitoring and control over user activities in sanctioned and unsanctioned cloud applications.
Advanced Persistent Threat (APT) group APT43, originating from North Korea and known for its espionage activities, is currently exploiting poorly configured or unconfigured DMARC policies.
In the digital age, the threat landscape evolves with alarming speed, and ransomware groups are at the forefront of this change, wreaking havoc on businesses and individuals alike.
The "Mother of All Breaches" (MoAB), a term now synonymous with one of the largest data leaks in the history of cybersecurity, has been a jolting wake-up call for digital security worldwide. This breach encompassed a staggering 12 TB of information, impacting over 26 billion records.
The realm of Artificial Intelligence (AI) is rapidly evolving, ushering in transformative tools like ChatGPT and Microsoft Copilot, which have revolutionized how we interact with technology.
In the dynamic world of cybersecurity, the evolution of attack methods like Evilginx and Evilginx2, designed to bypass robust defenses such as Multi-Factor Authentication (MFA), is closely matched by developments in attack frameworks.
CVE-2023-7028 is a critical vulnerability in GitLab that allows unauthorized account takeovers through a password reset mechanism. It was assigned a CVSS score of 10.0, indicating the highest level of severity.
In the realm of cybersecurity, the advent of QR-code phishing has introduced a novel challenge, reshaping the dynamics of digital threats and defenses. QR-code phishing, or 'Quishing,' is a tactic where QR codes are manipulated to facilitate phishing attacks.
CVE-2023-50164 is a critical vulnerability discovered in Apache Struts 2. This vulnerability is related to a path traversal flaw that allows a remote attacker to upload malicious files to vulnerable servers, potentially leading to Remote Code Execution (RCE) on the target server.
The 2023 LinkedIn security breach, initially perceived as a significant threat, turned out to be less severe due to the inclusion of many fictitious email addresses. This incident, which involved the extraction of large data sets from LinkedIn, highlights the growing concern around data scraping practices by hackers.
CVE-2023-38831 identifies a file extension spoofing vulnerability in WinRAR, a popular Windows tool for compressing and decompressing files. This flaw allowed clever individuals to create ZIP or RAR files that appeared ordinary but were structured in a way that concealed malicious code.
This is a vulnerability in Microsoft Edge (Chromium-based) that could allow an attacker to elevate their privileges on the affected system. The vulnerability has been assigned a high severity rating with a CVSS score of 8.3, indicating that it poses a significant risk.
We see an increasing demand for information on current CVEs, APTs, malware, etc. The newsletter will be our way to satisfy this demand and focus on threats that are relevant to our customers.
The cybersecurity landscape has recently been shaken by a significant vulnerability in Ivanti Endpoint Manager Mobile (EPMM), previously known as MobileIron Core. This authentication bypass vulnerability has had a notable impact, affecting 12 ministries in Norway and illustrating its potential for widespread damage.