A critical security flaw in Apple’s Safari web browser has led to the emergence of a sophisticated phishing technique known as the Fullscreen Browser-in-the-Middle (BitM) attack, which exploits the browser’s Fullscreen API to deceive users and steal credentials.
The rise of Ransomware-as-a-Service (RaaS) and the use of cryptocurrencies have transformed ransomware into a sophisticated criminal enterprise, significantly impacting Security Operations Centers (SOCs) and leading to high-profile attacks that cause substantial financial and reputational damage.
Over 90% of the world’s top email domains are susceptible to spoofing, enabling cybercriminals to execute sophisticated phishing attacks, with only 7.7% adopting strict DMARC policies to combat these threats.
A recent cyber-attack on ConnectWise, attributed to nation-state actors from China and Russia, exploited the CVE-2024-1709 vulnerability, leading to unauthorized access to its ScreenConnect cloud infrastructure.
Fortinet’s investigation reveals a sophisticated Remote Access Trojan that operated undetected for weeks, utilizing advanced evasion techniques and secure connections to a command-and-control server.
Two prominent UK healthcare organizations were attacked due to a vulnerability in Ivanti Endpoint Manager Mobile, raising concerns about the potential exposure of sensitive information.
