BRICKSTORM, a sophisticated cyber espionage tool linked to the China-aligned threat group UNC5221, has evolved to target both Windows and Linux environments in European strategic industries since late 2022, employing advanced evasion techniques and command-and-control mechanisms for long-term infiltration.
The US government has reinstated funding for the Common Vulnerabilities and Exposures (CVE) database to ensure continuity in cybersecurity resources, while the establishment of the CVE Foundation aims to address future funding uncertainties.
Employing a security service is crucial for safeguarding websites from various online attacks, including SQL injection and malformed data submissions.
A report by Zimperium reveals that significant vulnerabilities, including misconfigured cloud storage and hardcoded credentials, threaten millions of users and organizations across both Android and iOS platforms.
The increasing use of scalper bots is exploiting vulnerabilities in the UK’s driving test booking system, leading to unfair advantages for resellers and significant delays for genuine applicants.
Despite 81% of security leaders expressing confidence in their defenses, 48% of exploitable vulnerabilities remain unresolved, highlighting critical gaps in organizational cybersecurity practices.
Automated traffic now accounts for over half of all web traffic, with malicious bots responsible for 37% of this increase, posing significant risks to businesses across various sectors.
The increasing sophistication of generative AI tools, such as ChatGPT’s image generation capabilities, enables fraudsters to create realistic counterfeit documents, posing significant risks to the retail industry.
The hacking group Slow Pisces, linked to North Korea, is exploiting social engineering tactics on LinkedIn to steal sensitive data from cryptocurrency developers by posing as recruiters and distributing malicious code.
UK financial services firms are increasingly focusing on compliance with cybersecurity regulations, driven by complex cyber risks and the upcoming implementation of stringent frameworks like DORA and new FCA rules, while facing external threats and a skills gap in cybersecurity expertise.
