RansomwareNew HardBit ransomware variant increases stealth and persistenceLaura FrenchJuly 16, 2024HardBit 4.0 aims to prevent recovery through passphrase protection and packing with the Neshta virus.
IdentitySquarespace botch of Google handover leads to domain hijackShaun NicholsJuly 16, 2024A hiccup in the handover of former Google Domains has lead to a rash of site takeovers.
Network SecurityVoid Banshee group using patched zero-day to execute infostealerSteve ZurierJuly 16, 2024Security pros warn teams to patch the MHTML bug ASAP.
Network SecurityNew phishing tactic hijacks email protections to mask linksLaura FrenchJuly 15, 2024Barracuda researchers discovered phishing links “wrapped” by legitimate URL protection services.
Application security‘Trojan Source’ flaw could result in covert app poisoningShaun NicholsJuly 15, 2024A newly disclosed vulnerability in the way source code is compiled could put enterprises at risk of upstream attacks.
Cloud Security5 questions to ask about the latest news surrounding the AT&T breachSteve ZurierJuly 15, 2024There’s a lot swirling around the massive AT&T data breach. Here’s what we know so far.
Application security‘Shadow SaaS’ used by two-thirds of security pros, survey findsLaura FrenchJuly 12, 2024Many organizations lack policies and training to address the risk of shadow IT, including GenAI.
Network SecurityCISA sees red over government cybersecurity exerciseShaun NicholsJuly 12, 2024U.S. government organizations are falling short on their cybersecurity practices.
IdentityMassive AT&T breach linked to cloud IT service provider SnowflakeSteve ZurierJuly 12, 2024Records of over 100 million AT&T customers' calls and texts affected — “nearly all.”
Vulnerability ManagementGitLab patches 2nd critical pipeline vulnerability in last monthLaura FrenchJuly 11, 2024CVE-2024-6385, like another bug patched last month, could allow attackers to run pipelines as any user.