Cybersecurity Blog
Construction Companies Potentially Vulnerable Through Accounting Software
Cybersecurity firm Huntress reported that attackers search for publicly accessible installations of Foundation software ...
Valid Accounts Remain Top Access Point for Critical Infrastructure Attacks, Officials Say
Valid account abuse remains a top entry point for critical infrastructure attacks, with the CISA reporting that 2 in 5 ...
Data Theft Risk in Salesforce by Manipulating Public Links
The vulnerability was related to the undocumented Salesforce Aura API and SOQL subqueries, allowing a blind SOQL ...
US Indicts Chinese National for Phishing for NASA Tech
Prosecutors allege that Chinese national Wu Song targeted US academics and engineers to obtain applications used in ...
North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware
A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective ...
Critical Flaws Found in VICIdial Contact Center Suite, PoC Published
Two critical vulnerabilities, CVE-2024-8503 (SQL Injection) and CVE-2024-8504 (Privilege Escalation), have been ...
Advanced Phishing Attacks Put X Accounts at Risk
Advanced phishing attacks are putting X accounts, formerly known as Twitter, at risk. Even with two-factor ...
Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing
Google has announced that it’s rolling out a new set of features to its Chrome browser that gives users more ...