Russia-Sponsored Cyberattackers Infiltrate Microsoft’s Code Base
The Russian state-sponsored advanced persistent threat (APT) group known as Midnight Blizzard has nabbed Microsoft source code after accessing internal repositories and systems, as part of an ongoing series of attacks by a very sophisticated adversary. The Redmond giant noted today that the previously announced cyber campaign by Midnight Blizzard, which commenced in January, has […]
Going the Distance: What Channel Women Can Learn From Marathon Swimmer Diana Nyad
This year, International Women’s Day and the Oscars are within two days of each other. Which is a happy accident, since 2023 saw the release of many films featuring incredible actresses in strong female lead roles. Among the nominees for Best Actress is a movie that speaks directly to IWD’s 2024 theme, #InspireInclusion. In fact, […]
UnitedHealth brings some Change Healthcare pharmacy services back online
Optum’s Change Healthcare has started to bring systems back online after suffering a crippling BlackCat ransomware attack last month that led to widespread disruption to the US healthcare system. United Health Group (UHG) is the largest American health insurance company, and its subsidiary, Optum Solutions, operates the Change Healthcare platform. Change Healthcare operates the largest […]
QEMU Emulator Exploited as Tunneling Tool to Breach Company Network
Mar 08, 2024NewsroomEndpoint Security / Network Security Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed “large company” to connect to their infrastructure. While a number of legitimate tunneling tools like Chisel, FRP, ligolo, ngrok, and Plink have been used by adversaries to […]
South Korean Police Deploy Deepfake Detection Tool Prior to Elections
Amid a steep rise in politically motivated deepfakes, South Korea’s National Police Agency (KNPA) has developed and deployed a tool for detecting AI-generated content for use in potential criminal investigations. According to the KNPA’s National Office of Investigation (NOI), the deep learning program was trained on approximately 5.2 million pieces of data sourced from 5,400 […]
Protect Your Cloud Environments with Data Security Observability
Data is the new fuel for business growth Data is at the heart of seemingly everything these days, from the smart devices in our homes to the mobile apps we use on the go every day. This wealth of information at our fingertips allows us to correlate data points and determine patterns and outcomes faster […]
QNAP warns of critical auth bypass flaw in its NAS devices
QNAP warns of vulnerabilities in its NAS software products, including QTS, QuTS hero, QuTScloud, and myQNAPcloud, that could allow attackers to access devices. The Taiwanese Network Attached Storage (NAS) device maker disclosed three vulnerabilities that can lead to an authentication bypass, command injection, and SQL injection. While the last two require the attackers to be authenticated on […]