Cybersecurity Blog

Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs

Cymulate’s proof-of-concept attack demonstrates how multiple on-premises domains syncing to a single Azure tenant ...

Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group

Researchers have uncovered new infrastructure connected to the financially motivated threat actor FIN7. The analysis ...

Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks

Malicious actors are using a cloud attack tool named Xeon Sender to conduct SMS phishing and spam campaigns on a large ...

Update: Windows Zero-Day Flaw was Exploited by North Korea-linked Lazarus APT

Microsoft has patched a zero-day vulnerability, known as CVE-2024-38193, that was being exploited by the North ...

Thousands of Oracle NetSuite E-Commerce Sites Expose Sensitive Customer Data

Thousands of Oracle NetSuite E-Commerce Sites are at Risk of Exposing Sensitive Customer Data due to a widespread ...

Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group

A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific ...

OpenAI Blocks Iranian Influence Operation Using ChatGPT for U.S. Election Propaganda

OpenAI on Friday said it banned a set of accounts linked to what it said was an Iranian covert influence operation that ...

Doppelgänger Operation Rushes to Secure Itself Amid Ongoing Detections, German Agency Says

European hosting companies were found to be supporting the Kremlin-linked disinformation campaign, prompting ...

1 68 69 70 71 72 73 74 75 76 77 78 667