Category: Kamban

The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. Kaspersky discovered the attacks on May 13, 2024, and reported the Chrome zero-day flaw to Google. Google issued a fix for CVE-2024-4947 on May 25, with Chrome version 125.0.6422.60/.61. Lazarus…

In the world of cybersecurity, protecting endpoints – such as computers, laptops, and mobile devices – is a top priority for organizations of all sizes.Two common approaches to endpoint security are Endpoint Detection and Response (EDR) and traditional antivirus solutions. While both aim to protect against cyber threats, they differ significantly in their capabilities and…

Google has announced it will soon allow organizations to create their own curated “Enterprise Web Store” of company-sanctioned browser extensions for Chrome and ChromeOS, aimed at improving productivity, security, and management for businesses. The new store, planned to enter preview later this year, aims to provide businesses with a dedicated, curated environment for browser extensions…

Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP addresses, and credentials for managed devices. The company privately warned FortiManager customers about the flaw starting October 13th in advanced notification emails seen by BleepingComputer that contained steps to mitigate the flaw…

Key Steps for Effective Enterprise Data Protection The need for effective enterprise data protection has never been greater. Not only are companies around the world facing more threats than ever before, but the penalties for failures in this area are also significant. Potential consequences come from both regulators, who are taking a tougher line than…

Ransomware Detection: Effective Strategies and Tools In today’s environment, it may be impossible to avoid falling victim to a hacking attack altogether. The scale of criminal activity and the complex, constantly-evolving tactics used by ransomware groups means that even the best-prepared businesses cannot block every attack from infiltrating their networks. Therefore, being able to detect…

Understanding Double Extortion Ransomware: Prevention and Response Ransomware is currently one of the most common – and costly – threats facing businesses of all sizes and across all sectors. For example, one study by Thales revealed there was a 27 percent increase in these attacks last year. Yet despite this, it noted less than half…

On the first day of Pwn2Own Ireland, participants demonstrated 52 zero-day vulnerabilities across a range of devices, earning a total of $486,250 in cash prizes. Viettel Cyber Security took an early lead getting 13 points in their chase for the “Master of Pwn” title. The team’s phudq and namnp exploited a Lorex 2K WiFi camera through a stack-based…

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is proposing security requirements to prevent adversary states from accessing American’s personal data as well as government-related information. The requirements are aimed at entities that engage in restricted transactions that involve bulk U.S. sensitive personal data or U.S. government-related data, especially if the info is exposed to “countries…

Microsoft has released the optional KB5045594 preview cumulative update for Windows 10 22H2 with fixes for problems printing to multi-function printers and other issues. This cumulative update preview allows Windows admins and users to test upcoming fixes and features that will be released in the following month’s mandatory Patch Tuesday. Unlike Patch Tuesday cumulative updates,…