Category: Kamban

The password problem — weak, reused credentials that are easy to compromise yet hard to remember and manage — plagues users and organizations. But despite technological advances, passwords still guard 88% of the world’s online services. So how can IT leaders overcome this challenge? In this post, we explore why passwords are so easy to…

Read More

A new phishing campaign dubbed ‘CRON#TRAP’ infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks. Using virtual machines to conduct attacks is nothing new, with ransomware gangs and cryptominers using them to stealthily perform malicious activity. However, threat actors commonly install these manually after they…

Read More

​The City of Columbus, Ohio, notified 500,000 individuals that a ransomware gang stole their personal and financial information in a July 2024 cyberattack. Ohio’s capital city (with a population of over 905,000) was hit by the ransomware attack on July 18. The resulting outages affected various services and IT connectivity between public agencies. City officials…

Read More

Welcome to this week’s edition of the “Bi-Weekly Cyber Roundup” by Canary Trap. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity and this bi-weekly publication is your gateway to the latest news. This week’s cybersecurity round-up covers critical developments across the industry.…

Read More

​Microsoft has confirmed several bugs causing install and Blue Screen of Death (BSOD) issues impacting Windows Server 2025 systems with more than 256 logical processors. Users may experience symptoms such as Windows Server 2025 installation or upgrading processes failing or hanging and server starting and restarting taking as much as three hours or more in…

Read More

​Cisco says that non-public files recently downloaded by a threat actor from a misconfigured public-facing DevHub portal don’t contain information that could be exploited in future breaches of the company’s systems. While analyzing the exposed documents, the company found that their contents include data that Cisco publishes for customers and other DevHub users. However, files…

Read More

Image: Midjourney A relatively new ransomware operation named Interlock attacks organizations worldwide, taking the unusual approach of creating an encryptor to target FreeBSD servers. Launched at the end of September 2024, Interlock has since claimed attacks on six organizations, publishing stolen data on their data leak site after a ransom was not paid. One of…

Read More

Researchers have shown that it’s possible to abuse OpenAI’s real-time voice API for ChatGPT-4o, an advanced LLM chatbot, to conduct financial scams with low to moderate success rates. ChatGPT-4o is OpenAI’s latest AI model that brings new enhancements, such as integrating text, voice, and vision inputs and outputs. Due to these new features, OpenAI integrated…

Read More

​Microsoft is investigating a known issue that affects Microsoft 365 customers and causes classic Outlook to hang or freeze when copying text. These problems appear on systems running Outlook Current Channel Version 2409 (Build 18025.20096) or higher or when using languages with an IME (Input Method Editor). “When you select text in a classic Outlook…

Read More

A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. CVE-2024-38094 is a high-severity (CVSS v3.1 score: 7.2) RCE flaw impacting Microsoft SharePoint, a widely used web-based platform functioning as an intranet, document management, and collaboration tool that can seamlessly integrate with…

Read More