Month: November 2024

In the evolving world of cybersecurity, protecting endpoints such as laptops, desktops, and servers is essential for businesses. Endpoint detection and response (EDR) software is specifically designed to monitor, detect, and respond to threats targeting these endpoints.  However, with so many options on the market, knowing what features to look for in EDR software is…

In today’s digital world, security is a priority for every business, regardless of size. Cyber threats are constantly evolving and target all devices connected to a network, making endpoint security a fundamental part of any cybersecurity strategy.  One term that frequently comes up in the context of threat management is EDR. But what does EDR…

Major UK healthcare provider Wirral University Teaching Hospital (WUTH), part of the NHS Foundation Trust, has suffered a cyberattack that caused a systems outage leading to postponing appointments and scheduled procedures. The attack was disclosed publicly on Monday and the disruption continues. WUTH is a public healthcare organization in the United Kingdom that operates the Arrowe…

In an age of rising cyber threats, businesses of all sizes are focusing on stronger cybersecurity measures. One of the most effective tools for identifying and managing these threats is SIEM software (Security Information and Event Management).  SIEM software has become a core component of modern cyber defense by combining real-time monitoring, advanced analytics, and…

​Microsoft has re-released the November 2024 security updates for Exchange Server after pulling them earlier this month due to email delivery issues on servers using custom mail flow rules. The company announced it pulled the updates from the Download Center and Windows Update following widespread reports from admins that email had stopped flowing in their…

​Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months. As Check Point Research found while investigating the attacks, threat actors can use this malware loader to target gamers across all major platforms, including Windows, macOS, Linux,…

Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. The flaw, tracked as CVE-2024-11680, is a critical authentication bug impacting ProjectSend versions before r1720, allowing attackers to send specially crafted HTTP requests to ‘options.php’ to change the application’s configuration. Successful exploitation…

Zello is warning customers to reset their passwords if their account was created before November 2nd in what appears to be another security breach. Zello is a mobile service with 140 million users that allows first responders, hospitality services, transportation, and family and friends to communicate via their mobile phones using a push-to-talk app. Over the…

​Microsoft has denied claims that it uses Microsoft 365 apps (including Word, Excel, and PowerPoint) to collect data to train the company’s artificial intelligence (AI) models. “Microsoft does not use customer data from Microsoft 365 consumer and commercial applications to train large language models. Additionally, the Connected Services setting has no connection to how Microsoft…