Online Security

Even as Microsoft expanded patches for the so-called PrintNightmare vulnerability for Windows 10 version 1607, Windows Server 2012, and Windows Server 2016, it has come to light that the fix …

For years, security professionals have recognized the need to enhance SaaS security. However, the exponential adoption of Software-as-a-Service (SaaS) applications over 2020 turned slow-burning embers into a raging fire. Organizations …

Cybercrime actors part of the Magecart group have latched on to a new technique of obfuscating the malware code within comment blocks and encoding stolen credit card data into images …

This week, PrintNightmare – Microsoft’s Print Spooler vulnerability (CVE-2021-34527) was upgraded from a ‘Low’ criticality to a ‘Critical’ criticality. This is due to a Proof of Concept published on GitHub, …

A malicious campaign that has set its sights on industrial-related entities in the Middle East since 2019 has resurfaced with an upgraded malware toolset to strike both Windows and macOS …

U.S. technology firm Kaseya, which is firefighting the largest ever supply-chain ransomware strike on its VSA on-premises product, ruled out the possibility that its codebase was unauthorizedly tampered with to …

A common misconception among startup founders is that cybercriminals won’t waste time on them, because they’re not big or well known enough yet. But just because you are small doesn’t …

Threat actors behind the notorious REvil cybercrime operation appear to have pushed ransomware via an update for Kaseya’s IT management software, hitting around 40 customers worldwide, in what’s an instance …

Google intervened to remove nine Android apps downloaded more than 5.8 million times from the company’s Play Store after the apps were caught furtively stealing users’ Facebook login credentials. “The …

Cybersecurity researchers on Thursday revealed details about a new Mirai-inspired botnet called “mirai_ptea” that leverages an undisclosed vulnerability in digital video recorders (DVR) provided by KGUARD to propagate and carry …

Cybersecurity researchers are warning of ongoing attacks coordinated by a suspected Chinese-speaking threat actor targeting the Afghanistan government as part of an espionage campaign that may have had its provenance …

A proof-of-concept (PoC) exploit related to a remote code execution vulnerability affecting Windows Print Spooler and patched by Microsoft earlier this month was briefly published online before being taken down. …

An unpatched security vulnerability affecting Google’s Compute Engine platform could be abused by an attacker to take over virtual machines over the network. “This is done by impersonating the metadata …

Microsoft last week rolled out updates for the Edge browser with fixes for two security issues, one of which concerns a security bypass vulnerability that could be exploited to inject …

A previously undocumented Windows malware has infected over 222,000 systems worldwide since at least June 2018, yielding its developer no less than 9,000 Moneros ($2 million) in illegal profits. Dubbed …

Taiwanese networking equipment company Zyxel is warning customers of an ongoing attack targeting a “small subset” of its security products such as firewall and VPN servers. Attributing the attacks to …

Google’s sweeping proposals to deprecate third-party cookies in Chrome browser is going back to the drawing board after the company announced plans to delay the rollout from early 2022 to …

Enterprise applications used to live securely in data centers and office employees connected to internal networks using company-managed laptops or desktops. And data was encircled by a walled perimeter to …