Category: Cyber Security

Mar 07, 2024NewsroomVulnerability / Web Security Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which take the form of distributed brute-force attacks, “target WordPress websites from the browsers of completely innocent and unsuspecting site visitors,” security researcher Denis Sinegubko said. The activity […]

A 20-year-old Trojan resurfaced recently with new variants that target Linux and impersonate a trusted hosted domain to evade detection. Researchers from Palo Alto Networks spotted a new Linux variant of the Bifrost (aka Bifrose) malware that uses a deceptive practice known as typosquatting to mimic a legitimate VMware domain, which allows the malware to […]

TL;DR: Kickstart a successful career in cybersecurity with The Ultimate Cybersecurity & IT Career Certification Pathway Training Bundle, now just $28 through March 10 with code ENJOY20. In our always-connected world, there’s a constant demand for cybersecurity resources due to the myriad threats that individuals and businesses face online. Hiring cybersecurity experts can get expensive […]

The proliferation of applications across hybrid and multicloud environments continues at a blistering pace. For the most part, there is no fixed perimeter, applications and environments are woven together across datacenters and public cloud providers. The attack surface has expanded. Organizations struggle with a lack of visibility, and vulnerabilities are a constant issue for application […]

With the proliferation of AI/ML enabled technologies to deliver business value, the need to protect data privacy and secure AI/ML applications from security risks is paramount. An AI governance  framework model like the NIST AI RMF to enable business innovation and manage risk is just as important as adopting guidelines to secure AI. Responsible AI starts […]

Hackers have started to exploit the critical-severity authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, which JetBrains addressed in an update on Monday. Exploitation appears to be massive, with hundreds of new users created on unpatched instances of TeamCity exposed on the public web. Risk of supply-chain attacks LeakIX, a search engine for exposed device misconfigurations […]

Mar 07, 2024NewsroomVulnerability / Information Stealer Facebook messages are being used by threat actors to a Python-based information stealer dubbed Snake that’s designed to capture credentials and other sensitive data. “The credentials harvested from unsuspecting users are transmitted to different platforms such as Discord, GitHub, and Telegram,” Cybereason researcher Kotaro Ogino said in a technical […]