What Is Attack Surface Management?
Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what’s exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the…
Security News, Assessments & Alerts
Security News, Assessments & Alerts
Security Issues, Vulnerabilities, Exploits & Government Alerts
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware…
U.S. and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network
Feb 01, 2025Ravie LakshmananCybercrime / Fraud Prevention U.S. and Dutch law enforcement agencies have announced that they have dismantled 39 domains and their associated servers as part of efforts to disrupt a network of online…
BeyondTrust Zero-Day Breach Exposes 17 SaaS Customers via Compromised API Key
Feb 01, 2025Ravie LakshmananVulnerability / Zero-Day BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company’s Remote Support SaaS instances by making use of a compromised API…
Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists
Feb 01, 2025Ravie LakshmananPrivacy / Surveillance Meta-owned WhatsApp on Friday said it disrupted a campaign that involved the use of spyware to target journalists and civil society members. The campaign, which targeted around 90 members,…
Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts
Feb 01, 2025Ravie LakshmananMalvertising / Mobile Security Cybersecurity researchers have discovered a malvertising campaign that’s targeting Microsoft advertisers with bogus Google ads that aim to take them to phishing pages that are capable of harvesting…
CISA and FDA Warn of Critical Backdoor in Contec CMS8000 Patient Monitors
Jan 31, 2025Ravie LakshmananVulnerability / Healthcare The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued alerts about the presence of hidden functionality in Contec CMS8000 patient monitors…
Top 5 AI-Powered Social Engineering Attacks
Social engineering has long been an effective tactic because of how it focuses on human vulnerabilities. There’s no brute-force ‘spray and pray’ password guessing. No scouring systems for unpatched software. Instead, it simply relies on…
Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns
Italy’s data protection watchdog has blocked Chinese artificial intelligence (AI) firm DeepSeek’s service within the country, citing a lack of information on its use of users’ personal data. The development comes days after the authority,…
Google Bans 158,000 Malicious Android App Developer Accounts in 2024
Google said it blocked over 2.36 million policy-violating Android apps from being published to the Google Play app marketplace in 2024 and banned more than 158,000 bad developer accounts that attempted to publish such harmful…