Hot Topics

Cybersecurity

Patch Tuesday Includes Microsoft Zero-Day Flaws in April Release

| | advice, Best Practices, Cybersecurity, next gen security, security, Security Research, vulnerability
Microsoft zero-day proxy driver spoofing vulnerability (CVE-2024-26234) and SmartScreen prompt security feature bypass (CVE-2024-29988) require immediate patching  : OFFICIAL CVE-2024-26234 and CVE-2024-29988 INFO :  It’s the second Tuesday of April, which means ...
TrueFort
Cybercrime Predictions from an Industry Veteran: Scott Alldridge

Cybercrime Predictions from an Industry Veteran: Scott Alldridge

| | Cybersecurity
In the dynamic realm of cybersecurity, a shifting threat landscape demands attention ...
Cimcor Blog

What is Session Hijacking?

| | , Cybersecurity, Data breaches, MFA, Password Security, Password Tips
Session hijacking is a prevalent and dangerous attack method frequently employed by cybercriminals to illicitly gain access and then take control of user accounts and systems. Session hijacking is a type of ...
Blog | Enzoic

Preparing for DORA Compliance

| | advice, Best Practices, Cybersecurity, iot, IT-OT, lateral movement, microsegmentation, next gen security, Platform News, Ransomware, security, Security Research, TrueFort, zero trust
In the quest for DORA compliance, we offer a solution for financial services before the January 2025 deadline DORA compliance is born of the financial sector’s growing dependence on Information and Communications ...
TrueFort

PyPI Malicious Package Uploads Used To Target Developers

| | Check Point, Checkmarx, countermeasures, Cyber Threats, Cybersecurity, Cybersecurity News, data theft, Developer Security, digital assets, Malicious package uploads, Malware, online security, package management, persistence, Phylum, PyPI, risk mitigation, software supply chain, Typosquatting, Windows operating system
In light of the recent cybercriminal activity, new user sign-ups on the PyPI platform were halted. Currently, an increase in PyPI malicious package uploads is being deemed the reason behind the suspension ...
TuxCare

Satellite Cybersecurity is a Pressing Reality

| | advice, application protection, Best Practices, Cybersecurity, lateral movement, microsegmentation, next gen security, security, Security Research, zero trust
Satellite cybersecurity has become a pressing issue, with critical infrastructure resting on telecom success  The importance of telecoms and satellite cybersecurity cannot be overstated. In the vast expanse of space, the critical ...
TrueFort
Exploiting limited markup features on web applications

Exploiting limited markup features on web applications

| | Application Security, Cybersecurity, markup features, web applications
Limited features. Big vulnerabilities? Web applications might seem straightforward, but stripped-down code can create hidden weaknesses. Web applications that support limited markup in fields, such as comments, utilize a simplified... The post ...
Strobes Security

CISA Warns of Volt Typhoon Risks to Critical Infrastructure

| | BRONZE SILHOUETTE, cisa, CISA Advisories, CISA Threat Update, Cyber Threats, Cybersecurity, cybersecurity defense strategies, cybersecurity threats, Cybersecurity Weaknesses, enterprise security, FBI, FBI alert, FBI warning, Linux & Open Source News, NSA/CISA report, security risks, US critical infrastructure, Volt Typhoon
The recent joint warning issued by CISA, NSA, FBI, and other U.S. government and international partners highlights a critical cybersecurity threat: Volt Typhoon, a Chinese hacking group. This group has targeted critical ...
TuxCare

Finland Blames APT31 Hackers For Parliament Cyber Attack

| | APT31, Cyber Espionage, Cyber Threats, Cyber-attack, Cybersecurity, Cybersecurity News, Espionage, Finland, Malware, parliament, spear-phishing, state-sponsored-hacking
APT31 Hackers, a Chinese threat actor group, has recently been accused by the Finnish police of attacking the nation’s parliament in 2020. According to recent reports, this attack is said to have ...
TuxCare
What value do Red Team exercises provide to security awareness programs?

Massive AT&T Data Leak, The Danger of Thread Hijacking

| | ATT, Cyber Security, Cybersecurity, Data breach, Data leak, Data Privacy, Digital Privacy, email, Episodes, Information Security, Infosec, Phishing, Podcast, Podcasts, Privacy, Scams, security, social engineering, Solar Eclipse, technology, Thread Hijacking, Weekly Edition
Episode 324 features discussions on a significant AT&T data breach affecting 73 million customers and a sophisticated thread jacking attack targeting a journalist. Co-host Scott Wright joins the discussion, highlighting how millions ...
Shared Security Podcast
Load more