Month: September 2024

How to Plan and Prepare for Penetration Testing

As security technology and threat awareness among organizations improves so do the adversaries who are adopting and relying on new techniques to maximize speed and impact while evading detection. Ransomware and malware continue to be the method of choice by big game hunting (BGH) cyber criminals, and the increased use of hands-on or “interactive intrusion” […]
Read More

Why ‘Never Expire’ Passwords Can Be a Risky Decision

Password resets can be frustrating for end users. Nobody likes being interrupted by the ‘time to change your password’ notification – and they like it even less when the new passwords they create are rejected by their organization’s password policy. IT teams share the pain, with resetting passwords via service desk tickets and support calls […]
Read More

Google Now Syncing Passkeys Across Desktop, Android Devices

Google on Thursday announced that users who rely on passkeys to sign into applications and websites can now save the passkeys on more than just their Android devices. The internet giant introduced passkey support in Android and Chrome in 2022, enabling users to log in with biometric authentication instead of passwords, which may be compromised through leaks […]
Read More

Apple Suddenly Drops NSO Group Spyware Lawsuit

Apple has abruptly withdrawn its lawsuit against NSO Group, citing increased risk that the legal battle might unintentionally reveal sensitive vulnerability data and difficulties in acquiring essential information from the spyware vendor. In a court filing Friday, Apple said continuing the lawsuit now poses “too significant a risk” of exposing the anti-exploitation and threat intelligence […]
Read More

Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes

Microsoft raised an alarm for in-the-wild exploitation of a critical flaw in Windows Update, warning that attackers are rolling back security fixes on certain versions of its flagship operating system. The Windows flaw, tagged as CVE-2024-43491 and marked as actively exploited, is rated critical and carries a CVSS severity score of 9.8/10. Microsoft did not provide any information […]
Read More

Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus

A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. “Head Mare uses more up-to-date methods for obtaining initial access,” Kaspersky said in a Monday analysis of the group’s tactics and tools. “For instance, the attackers took advantage of the relatively recent CVE-2023-38831 vulnerability in WinRAR, which allows the […]
Read More

No products in the cart.

Subscribe to our newsletter

Sign up to receive latest news, updates, promotions, and special offers delivered directly to your inbox.
No, thanks
X