Cybersecurity Breaches Surge Due to Employee Awareness Gaps
Nearly 90% of enterprises faced cybersecurity breaches last year, with 67% of business leaders citing insufficient employee security awareness as a primary factor, prompting organizations to enhance training programs amid rising AI-driven threats.
View full story…
U.S. Struggles to Maintain AI Edge Amid Power Grid Challenges
The rapid advancement of AI technology is straining the U.S. energy grid, raising concerns about cybersecurity vulnerabilities and the nation’s competitive position in the global AI arms race.
View full story…
Critical Deserialization Vulnerability in Microsoft SharePoint Actively Exploited
A critical deserialization vulnerability, CVE-2024-38094, in Microsoft SharePoint is being actively exploited, allowing attackers to execute arbitrary code and posing significant cybersecurity risks.
View full story…
Embargo Ransomware Group Unveils Advanced Rust-Based Toolkit
The newly identified Embargo ransomware group has developed a sophisticated Rust-based toolkit, featuring MDeployer and MS4Killer, designed to bypass cybersecurity defenses and target both Windows and Linux systems in double-extortion attacks against US companies.
View full story…
Rising Identity-Based Attacks Prompt Overhaul of Security Strategies
Organizations face increasing identity-based attacks, particularly in SaaS environments, leading to a call for enhanced security measures and strategic advancements as highlighted by Okta’s new initiatives.
View full story…
Decentralized SaaS Environments Heighten Security Risks for Organizations
A recent report reveals that 31% of organizations experienced a SaaS data breach in 2024, highlighting significant vulnerabilities due to a lack of centralized security measures and awareness among security practitioners.
View full story…
Private Equity Firms Face Rising Cybersecurity Threats Amid M&A Activity
Private equity firms are increasingly at risk of cyberattacks, particularly during mergers and acquisitions, due to their handling of sensitive information and the growing prevalence of supply chain vulnerabilities.
View full story…
WarmCookie Malware: A Rising Cyber Threat Linked to TA866
The WarmCookie malware, associated with the TA866 threat group, has been actively distributed since early 2024 and serves as an initial payload for further threats like CSharp-Streamer-RAT and Cobalt Strike, showcasing advanced capabilities and ongoing development.
View full story…
Latest Cybernews
WordPress Websites Targeted by ClearFake and ClickFix Malware Campaigns
WordPress websites are increasingly compromised by the ClearFake and ClickFix campaigns, which exploit vulnerabilities to install malicious plugins that deceive users into downloading information-stealing malware.
View full story…
US Senate Campaign Websites Lack Essential Cybersecurity Protections
Nearly 75% of US Senate campaign websites are vulnerable to cyberattacks due to the absence of Domain-based Message Authentication, Reporting, and Conformance (DMARC) protections, risking sensitive information and the integrity of electoral communications.
View full story…
AI-Driven Cyberattacks Target Retailers During Holiday Season
Retailers are facing over 500,000 daily AI-driven cyberattacks, leveraging generative AI and large language models, particularly during the critical holiday shopping season.
View full story…
Gurugram Police Arrest Bank Employees for Cyber Fraud Involvement
Two Punjab National Bank employees, including a deputy manager, were arrested in Gurugram for facilitating a fraudulent bank account used to conceal embezzled funds in a cybercrime scheme.
View full story…
Broadcom Releases Critical Patches for VMware vCenter Server Vulnerabilities
Broadcom has issued essential software updates to address severe security vulnerabilities CVE-2024-38812 and CVE-2024-38813 in VMware vCenter Server, which could allow remote code execution and system compromise.
View full story…
Malicious npm Packages Target Ethereum Wallet Developers
Cybersecurity researchers have discovered a series of malicious npm packages designed to harvest private keys and enable unauthorized access to systems of Ethereum wallet developers through an SSH backdoor.
View full story…