Jan 28, 2025Ravie LakshmananRansomware / Threat Intelligence Cybersecurity researchers have found that ransomware attacks targeting ESXi systems are also leveraging the access to repurpose the appliances as a conduit to tunnel traffic to command-and-control (C2)…
While passwords remain the first line of defense for protecting user accounts against unauthorized access, the methods for creating strong passwords and protecting them are continually evolving. For example, NIST password recommendations are now prioritizing…
Jan 28, 2025Ravie LakshmananCybersecurity / Cyber Espionage The Council of the European Union has sanctioned three individuals for allegedly carrying out “malicious cyber activities” against Estonia. The three Russian nationals – Nikolay Alexandrovich Korchagin, Vitaly…
Jan 28, 2025Ravie LakshmananArtificial Intelligence / Technology DeepSeek, the Chinese AI startup that has captured much of the artificial intelligence (AI) buzz in recent days, said it’s restricting registrations on the service, citing malicious attacks.…
Jan 28, 2025Ravie LakshmananVulnerability / Endpoint Security Apple has released software updates to address several security flaws across its portfolio, including a zero-day vulnerability that it said has been exploited in the wild. The vulnerability,…
Jan 27, 2025Ravie LakshmananVulnerability / Software Security Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to…
![Top Cybersecurity Threats, Tools and Tips [27 January]](https://i2.wp.com/blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1de6DT-dB1sOMXF-3PGpHW68C7duvJm1JreoDh3dNfwhkQ2Q6V60GrDu8HZV3ilI2uWJYCsP_dSJ-OrZNaozg3IsL8xZ_UH6jUVGWOu-cgDmT5n3q64Mgz71jwN49-m2V46my5whXSMZFV5FcTzWux_l-wpclKZCqkSOBpHs-ICyHRAgtT69yA6NTkUp-/s728-rw-e365/recap.png?w=930&resize=930,620&ssl=1 "Top Cybersecurity Threats, Tools and Tips [27 January]")
Jan 27, 2025Ravie LakshmananCybersecurity / Recap Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we’re breaking down the sophisticated…
The Open Web Application Security Project has recently introduced a new Top 10 project – the Non-Human Identity (NHI) Top 10. For years, OWASP has provided security professionals and developers with essential guidance and actionable…
Jan 27, 2025Ravie LakshmananCyber Espionage / Threat Intelligence A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities. The campaign…
Jan 27, 2025Ravie LakshmananMalware / SEO Poisoning Threat hunters have detailed an ongoing campaign that leverages a malware loader called MintsLoader to distribute secondary payloads such as the StealC information stealer and a legitimate open-source…