How Attackers Move from Azure Active Directory to On-Prem AD
Microsoft’s Active Directory (AD) continues to be a primary target for attackers, and as reliance on cloud increases, organizations are …
Attackers
New Zoom Flaws Could Let Attackers Hack Victims Just by Sending them a Message
Popular video conferencing service Zoom has resolved as many as four security vulnerabilities, which could be exploited to compromise …
Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap
To succeed against dynamic cybercriminals, organizations must go multiple steps further and build a learning system that evolves over time …
Attackers Can Unlock Tesla Cars and Smart Devices by Exploiting Bluetooth Flaws
Research reveals that cars, homes, and personal data of those depending on Bluetooth proximity authentication mechanisms to protect their …
Attackers Can Unlock Tesla Cars by Exploiting Bluetooth Flaws
Research reveals that cars, homes, and personal data of those depending on Bluetooth proximity authentication mechanisms to protect their …
Remote work hazards: Attackers exploit weak WiFi, endpoints, and the cloud
Infoblox unveils a global report examining the state of security concerns, costs, and remedies. As the pandemic and uneven shutdowns …
Critical Vulnerability in Azure Synapse Let Attackers Control other Customers’ Workspaces
The Microsoft Azure Synapse service has been identified as unsafe to use, and Orca Security has issued a security advisory for …
Attackers Use Event Logs to Hide Fileless Malware
Researchers have discovered a malicious campaign utilizing a never-before-seen technique for quietly planting fileless malware on target …
One Small Error by DevOps, One Giant Opening for Attackers
When you look at breach statistics in today’s cloud-dominated IT world, you can see several examples where a small error made by the …
SolarWinds Attackers Gear Up for Typosquatting Attacks
The same infrastructure traced back to Russian-speaking threat group Nobelium is being used to set up misspelled domain names, presaging …
NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages
A “logical flaw” has been disclosed in NPM, the default package manager for the Node.js JavaScript runtime environment, that enables …
Critical RCE Vulnerability in Google’s VirusTotal Platform Let Attackers Scans Capabilities
There is a security vulnerability in the VirusTotal platform that has been discovered by researchers, and it has the potential to be …
Critical Bug in Everscale Wallet Could’ve Let Attackers Steal Cryptocurrencies
A security vulnerability has been disclosed in the web version of the Ever Surf wallet that, if successfully weaponized, could allow an …
Critical Android Bug Let Attackers to Access Users’ Media and Audio Conversations
The audio decoders in Qualcomm and MediaTek chips have been reported to contain three security vulnerabilities. Leaving unpatched three of …