Application securityFake Google Docs on Google Sites launch AZORult infostealer campaignSteve ZurierMarch 18, 2024Azorult infostealer aims to steal user credentials and credit card information via HTML smuggling.
Cloud SecurityMicrosoft reminds DevOps teams that unified domain goes live in JuneSteve ZurierMarch 15, 2024Dev teams need to prepare so they can make an orderly transition to "teams.cloud.micrisoft."
Application securityAkamai offers POC and Open Policy Agent to block Kubernetes bugSteve ZurierMarch 14, 2024Vulnerability allows remote code execution with System privileges on all Windows endpoints within a Kubernetes cluster.
AI/MLNew online investment scams powered by bots to simulate fake expertsSteve ZurierMarch 13, 2024Security pros say the new scams use the latest chatbot technology.
Cloud SecurityPhishing campaign leverages AWS and GitHub to launch RATsSteve ZurierMarch 12, 2024Attackers continue to leverage popular AWS cloud and GitHub developer services as a way to “live-off-the-land” and launch malware.
Network SecurityQNAP fixes three bugs on NAS devices, one critical authentication flawSteve ZurierMarch 11, 2024The critical flaw is an authentication bug could let users compromise the security of the system.
Vulnerability ManagementMicrosoft says Russia-backed Midnight Blizzard accessed its source codeSteve ZurierMarch 8, 2024Security pros say targeting source code will continue because it lets attackers identify new bugs and inject their own malware into the software supply chain.
Network SecurityVMware patches critical, important bugs in ESXi, Workstation and FusionSteve ZurierMarch 7, 2024Security pros say given the installed base of VMware products many companies have, it makes sense to apply the updates right away.
Vulnerability ManagementApple’s 17.4 emergency update patches two iPhone zero-daysSteve ZurierMarch 6, 2024Security pros say the zero-days are serious because nation-states tend to exploit flaws to launch spyware attacks on high-risk individuals.
RansomwareCalls grow for federal funding after Change Healthcare cyberattackSteve ZurierMarch 5, 2024Cash flow crisis lurks among providers and affected third-party companies in healthcare.