API security company Traceable has unveiled its 2023 State of API Security Report. In collaboration with the Ponemon Institute, the study provides a comprehensive global perspective on the state of API security, exposing critical vulnerabilities and their far-reaching consequences. The report, based on insights from 1629 cybersecurity experts across the United States, the United Kingdom […]
Introduction HijackLoader is a new malware loader, which has grown in popularity over the past few months. Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection and execution since it uses a modular architecture, a feature that most loaders do not have. Based on […]
The UK government appears to have pulled back on a controversial clause in its forthcoming Online Safety Bill that would have forced tech companies to snoop on users’ messages. Clause 110 of the mammoth piece of legislation enables regulator Ofcom to force messaging providers to use “accredited technology” to perform so-called “client-side scanning.” That is, […]
Introduction The Zscaler ThreatLabz team recently observed a surge in tech-support scams, with a noteworthy focus on the utilization of Windows Action Center notifications to display misleading warning messages to users. While the majority of tech-support scams previously centered around counterfeit notifications related to Windows Defender, scammers have since expanded their tactics to include bogus […]
Vendor Risk Management Series B Funding Will Allow Certa to Further Automate Compliance, Procurement Tasks Michael Novinson (MichaelNovinson) • September 8, 2023 Jag Lamba, founder and CEO, Certa (Image: Certa) A third-party management platform founded by a longtime McKinsey consultant closed a funding round to bring further automation to compliance and procurement tasks. […]
Enlarge / Cisco Systems headquarters in San Jose, California, US, on Monday, Aug. 14, 2023. Cisco Systems Inc. is scheduled to release earnings figures on August 16. Photographer: David Paul Morris/Bloomberg via Getty Images Cisco on Thursday confirmed the existence of a currently unpatched zero-day vulnerability that hackers are exploiting to gain unauthorized access to […]
An individual employed by a Washington DC-based organization with international offices was targeted with powerful hacking software made by NSO Group, researchers have claimed, raising new concerns about the proliferation of spyware that can infect Apple devices. The alleged attack was discovered by researchers at the Citizen Lab at the Munk School at the University […]
A cybersecurity company claims it identified and thwarted a massive distributed denial-of-service (DDoS) attack targeting a prominent American financial institution. The researchers at Akamai Technologies did not reveal the company’s name but said it is among their “largest and most influential” customers in the financial sector. DDoS attacks overwhelm websites with a flood of traffic, […]
Sep 11, 2023THNEndpoint Security / Malware A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems primarily located in Australia, Poland, and Belgium. The activity has been codenamed Steal-It by Zscaler ThreatLabz. “In this campaign, the threat actors steal and […]