Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has interesting ramifications in the world of cyber security, specifically vulnerability management. In this article, we discuss omission bias in vulnerability management, particularly vulnerability remediation, and how […]
The British government has told business leaders to “toughen up” their protections against cyberattacks and prioritize the threat as a key business risk similar to financial and legal challenges. It follows a government survey that identified “insufficient director involvement” in their organization’s cybersecurity, with just 30% of businesses having “board members or trustees explicitly responsible […]
A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30. Slovak cybersecurity firm ESET is tracking the advanced persistent threat (APT) group under the name Blackwood. It’s said to be active since at least 2018. […]
Jan 25, 2024NewsroomThreat Intelligence / Malware Research A new Go-based malware loader called CherryLoader has been discovered by threat hunters in the wild to deliver additional payloads onto compromised hosts for follow-on exploitation. Arctic Wolf Labs, which discovered the new attack tool in two recent intrusions, said the loader’s icon and name masquerades as the […]
Both Juniper Networks and Ivanti have attracted criticism from members of the infosec industry for the way they’ve handled the disclosure of vulnerabilities over the past week.
Teenpatti.com and (Mobile Premier League)Mpl.live, two prominent online gaming platforms in India, may have experienced a data breach. Allegedly, a cybercriminal known as ‘roshtosh’ has put up for sale data claimed to be stolen from these platforms. The online gaming data breach, disclosed on January 22, 2024, following the threat activity on January 20, 2024, […]
Jamf Threat Labs researchers warned against pirate applications distributing a backdoor to macOS users. The researchers noticed the apps appeared similar to ZuRu malware and allowed attackers to download and execute multiple payloads to compromise machines. First discovered According to researchers, the pirated applications are hosted on Chinese pirating websites. They first came across the […]
The flaw affects several versions of GitLab and patches have already been released. The servers at risk are mainly located in the United States, Germany, Russia, China, France, the U.K., India, and Canada.
Last updated 25 January, 2024 The AlphaTheta Corporation has announced the first two products under its newly announced AlphaTheta brand: The Omnis Duo, which is a portable all-in-one DJ controller, and the Wave Eight, a portable DJ speaker. Read on for more info and links to our reviews of the new gear… Omnis Duo all-in-one […]