Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks
Jan 18, 2023Ravie LakshmananCyber Espionage / Cyber Risk
The threat actor known as BackdoorDiplomacy has been linked to a new wave of attacks targeting...
Guide: How MSSPs and vCISOs can extend their services into compliance readiness without increasing...
Jan 18, 2023The Hacker NewsVirtual CISO / Automated vCISO
Compliance services are emerging as one of the hottest areas of cybersecurity.
While compliance used...
CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems
Jan 18, 2023Ravie LakshmananICS/SCADA Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published four Industrial Control Systems (ICS) advisories, calling out several...
Zoho ManageEngine PoC Exploit to be Released Soon – Patch Before It’s Too Late!
Jan 17, 2023Ravie LakshmananCyber Threat / Vulnerability
Users of Zoho ManageEngine are being urged to patch their instances against a critical security vulnerability ahead...
4 Places to Supercharge Your SOC with Automation
It's no secret that the job of SOC teams continues to become increasingly difficult. Increased volume and sophistication of attacks are plaguing under-resourced...
Microsoft Azure Services Flaws Could’ve Exposed Cloud Resources to Unauthorized Access
Jan 17, 2023Ravie LakshmananCloud Security / Bug Report
Four different Microsoft Azure services have been found vulnerable to server-side request forgery (SSRF) attacks that...
Over 6000 Internet-Exposed Cacti Servers are Unpatched
A significant number of servers that use the Cacti software, and are connected to the internet, have not been updated to fix a security...
Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware
Jan 17, 2023Ravie LakshmananThreat Response / Malware
New research has found that it is possible for threat actors to abuse a legitimate feature in...
Researchers Uncover 3 PyPI Packages Spreading Malware to Developer Systems
Jan 17, 2023Ravie LakshmananSoftware Security / Supply Chain
A threat actor by the name Lolip0p has uploaded three rogue packages to the Python Package...
CISA Warns for Flaws Affecting Industrial Control Systems from Major Manufacturers
Jan 16, 2023Ravie LakshmananIndustrial Control Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released several Industrial Control Systems (ICS) advisories warning of...