Despite the urgent warnings of Chinese state-sponsored threat actors exploiting a critical vulnerability in unpatched BeyondTrust systems, a surprising number of instances remain connected to the Internet. The vulnerability, known as CVE-2024-12356, with a CVSS score of 9.8, impacts Privileged …
Thousands of Buggy BeyondTrust Systems Remain Exposed Read More »
77 Reports have surfaced regarding a sophisticated phishing attack leveraging Google Calendar to circumvent security measures. The cybercriminals behind the attack are aggressively targeting multiple organizations across different industries within a short span of time. Exploiting Google Calendar for Phishing …
New Phishing Campaign Exploits Google Calendar To Evade Filters Read More »
î ‚Jan 01, 2025î „Ravie LakshmananWeb Security / Vulnerability Threat hunters have revealed a new “widespread timing-based vulnerability class” that exploits a double-click sequence to enable clickjacking attacks and account takeovers on nearly all major websites. The method has been named DoubleClickjacking …
New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites Read More »
The digital landscape in the Middle East is rapidly evolving, with tech giants investing heavily in cities like Dubai, Riyadh, and Abu Dhabi to establish themselves as global innovation hubs. However, this growth also brings increased cybersecurity risks, as the …
Cybersecurity Lags in Middle East Business Development Read More »
2025 Cybersecurity Budget Benchmarks for Optimizing Spending and Strategic Impact With 90% of cybersecurity and risk leaders predicting they’ll see budget increases in 2025, many are facing a new era of accountability. Read More
î ‚Dec 29, 2025î „Ravie LakshmananEndpoint Protection / Browser Security A recent cyberattack has compromised several Chrome browser extensions, impacting over 600,000 users with data exposure and credential theft. The attack utilized a phishing campaign to target extension publishers on the Chrome …
16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft Read More »
The surge of high-profile cyberattacks targeting US water utilities has continued unabated in recent times. One such incident involved pro-Iranian hackers infiltrating a Pittsburgh-area water utility’s PLC system, defacing the touchscreen with an anti-Israel message, and prompting the utility to …
Patronus AI has unveiled Glider, a cutting-edge 3.8B-parameter language model that is giving tough competition to GPT-4 in terms of evaluation capabilities. What sets Glider apart is that it can run on-device, providing developers and enterprises with transparent AI assessment …
î ‚Dec 26, 2024î „Ravie LakshmananCybercrime / Ransomware A Brazilian citizen has been charged in the United States for allegedly threatening to release data stolen by hacking into a company’s network in March 2020. Junior Barros De Oliveira, 29, of Curitiba, Brazil …
To effectively combat the increasing threats of data breaches and ransomware attacks, it is crucial for companies to move away from the outdated “trust but verify” cybersecurity strategy. This approach, which assumes that once a user or device is verified, …
