Iranian APT Peach Sandstorm teases new Tickler malware

Read more »

Global cyber spend to rise 15% in 2025, pushed along by AI

Read more »

What Is Cybersecurity Awareness Training? Why Your Business Needs it

Organizations of all sizes are being targeted by bad actors, which is why cybersecurity awareness training is more important than ever. Unfortunately, most organizations are not motivated to implement... Read more »

BlackByte affiliates use new encryptor and new TTPs

BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent... Read more »

Fortinet introduces sovereign SASE and GenAI capabilities

Fortinet announced the addition of sovereign SASE and GenAI capabilities to its unified SASE solution. Fortinet Unified SASE provides complete integration between Fortinet’s Secure SD-WAN solution and cloud-delivered security... Read more »

APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)

ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asian countries. When... Read more »

HYCU for Microsoft Entra ID provides organizations with automated, policy-driven backups

HYCU announced significant updates to its HYCU R-Cloud data protection platform that offers customers additional protection for their Identity and Access Management (IAM) solutions with support for Microsoft Entra... Read more »

Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633)

Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials (CVE-2024-6633). “Once logged in... Read more »

U.S. CISA adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apache OFBiz Incorrect Authorization... Read more »

Expel partners with Wiz to enhance security for cloud environments

Expel announced a new strategic partnership with Wiz, a cloud-native application protection platform (CNAPP). The partnership provides an integration offering MDR for Wiz toxic risk combinations (including vulnerabilities, secrets,... Read more »
Subscribe to our Newsletter