Organizations are increasingly addressing the personal liability of Chief Information Security Officers (CISOs) through policy changes and enhanced resource allocation in response to evolving cybersecurity regulations and threats.
A sophisticated cyber-espionage campaign, dubbed UNK_CraftyCamel, attributed to Iranian-aligned threat actors, has been uncovered targeting critical infrastructure organizations in the UAE, utilizing phishing tactics and a newly discovered backdoor known as Sosano.
The rapid adoption of Generative AI necessitates effective governance to mitigate financial, regulatory, and reputational risks faced by organizations.
A network of North Korean-affiliated hackers, including the Lazarus Group, is executing a scheme to infiltrate Western firms by creating fake IT professional personas to secure remote positions in engineering and blockchain development.
Cisco Small Business RV Series routers and Microsoft Windows systems are facing critical vulnerabilities, including CVE-2023-20118 and CVE-2018-8639, which are actively exploited and pose significant risks to network security.
Cybercriminals are increasingly using the Darcula PhaaS platform to create realistic replicas of legitimate websites, enabling sophisticated phishing attacks with advanced features like bypassing multi-factor authentication.
The rapid deployment of private 5G networks in critical sectors raises security concerns as organizations adopt AI security tools without sufficient expertise, potentially exposing themselves to cyber threats.
US Defense Secretary Pete Hegseth’s decision to pause planning for offensive cyber operations against Russia has raised concerns about national security and the ability to counter ongoing cyber threats from adversaries.
Vodafone is collaborating with IBM to integrate quantum-safe technology into its Secure Net service, aiming to protect users from future cyber threats associated with advancements in quantum computing.
A new cyberattack campaign has been identified that targets Microsoft Windows users by utilizing social engineering, multi-stage malware, and the modified Havoc Demon Agent to exploit trusted cloud services for malicious activities.
