'

​​Microsoft recognized as a Leader in the Forrester Wave™: Workforce Identity Platform, Q1 2024

​​Microsoft recognized as a Leader in the Forrester Wave™: Workforce Identity Platform, Q1 2024

We’re thrilled to announce that Forrester has recognized Microsoft as a Leader in the Forrester Wave™: Workforce Identity Platforms, Q1 2024 report. We’re proud of this recognition, which we believe reflects our commitment to delivering advanced solutions that cater to the evolving needs of our customers in the workforce identity space. Identity professionals have a … Read more

Hacker Customize LockBit 3.0 Ransomware to Attack Orgs Worldwide

Hacker Customize LockBit 3.0 Ransomware to Attack Orgs Worldwide

Cybersecurity researchers at Kaspersky have uncovered evidence that cybercriminal groups are customizing the virulent LockBit 3.0 ransomware for targeted attacks against organizations worldwide. This allows the threat actors to tailor the malware for maximum impact and effectiveness against specific targets. The findings come from the researcher’s analysis of the leaked LockBit 3.0 builder, which first … Read more

MY TAKE: GenAI revolution — the transformative power of ordinary people conversing with AI

San Francisco, Calif. — The amazing digital services we have today wouldn’t have come to fruition without the leading technology and telecom giants investing heavily in R&D. Related: GenAi empowers business I had the chance to attend NTT Research’s Upgrade Reality 2024 conference here  last week to get a glimpse at some of what’s coming … Read more

Crickets from Chirp Systems in Smart Lock Key Leak

Crickets from Chirp Systems in Smart Lock Key Leak

The U.S. government is warning that smart locks securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock’s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp’s parent company, RealPage, … Read more

Microsoft .NET, .NET Framework, & Visual Studio Vulnerable To RCE Attacks

A new remote code execution vulnerability has been identified to be affecting multiple Microsoft products including .NET, .NET Framework and Visual Studio. This vulnerability has been assigned CVE-2024-21409, and its severity has been given as 7.3 (High). This vulnerability is associated with the Use After Free condition, in which the pointer to a memory is … Read more

#MIWIC24 Cyber Marketeer of the Year: Laura Reilly

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on this year’s winner of the Paula Brici Cyber Marketeer of the Year Award, which was presented to Laura Reilly for her exceptional … Read more

LightSpy Hackers Indian Apple Device Users to Steal Sensitive Data

LightSpy Hackers Indian Apple Device Users to Steal Sensitive Data

The revival of the LightSpy malware campaign has been observed, focusing on Indian Apple device users. This sophisticated mobile spyware, suspected to have origins in China, is being used for espionage, targeting a select group of individuals, including journalists, activists, politicians, and diplomats across Southern Asia. The implications of such targeted attacks are vast, raising … Read more

LightSpy Malware Attacking Android and iOS Users

LightSpy Malware Attacking Android and iOS Users

A new malware known as LightSpy has been targeting Android and iOS users. This sophisticated surveillance tool raises alarms across the cybersecurity community due to its extensive capabilities to exfiltrate sensitive user data. LightSpy is a modular malware implant designed to infiltrate mobile devices. With variants for both Android and iOS platforms, it represents a … Read more

CISA Warns of Sisense Breach

CISA Warns of Sisense Breach

The Cybersecurity and Infrastructure Security Agency is responding to an intrusion affecting Sisense, a major provider of business and data analytics, that involves the compromise of customer data. The agency released an alert about the incident on Thursday morning and Sisense has reportedly notified customers but has not released any public statements about the intrusion … Read more

Categories duo

Palo Alto Networks Discloses Critical PAN-OS Zero Day

Palo Alto Networks Discloses Critical PAN-OS Zero Day

Palo Alto Networks is warning customers of a critical-severity vulnerability in its PAN-OS software for firewalls. The flaw is currently being exploited in the wild, and patches won’t be available until Sunday. The vulnerability (CVE-2024-3400) ranks 10 out of 10 on the CVSS scale, and stems from a command injection issue in the GlobalProtect feature … Read more

Categories duo

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its GlobalProtect Gateway, identified as CVE-2024-3400. This flaw, rooted in the PAN-OS operating system, has already been exploited in a limited number of attacks, raising alarms across the cybersecurity community. CVE-2024-3400 is classified under CWE-77, which pertains to the improper neutralization of … Read more