Category: Kamban

A researcher has released a tool to bypass Google’s new App-Bound encryption cookie-theft defenses and extract saved credentials from the Chrome web browser. The tool, named ‘Chrome-App-Bound-Encryption-Decryption,’ was released by cybersecurity researcher Alexander Hagenah after he noticed that others were already figuring out similar bypasses. Although the tool achieves what multiple infostealer operations have already added…

Read More

‘In the past, we talked about partners born in the cloud. I’m betting on the fact that the new partners will be born in AI. And we’ve identified another segment of [partners] who will be more successful and impactful in the market: those who combine cloud, security and AI,’ TD Synnex CEO Patrick Zammit tells…

Read More

Microsoft announced today that inbound SMTP DANE with DNSSEC for Exchange Online, a new capability to boost email security and integrity, is now generally available. The company announced in September 2023 a public preview that would roll out from March to July 2024. However, it was forced to delay it because of “necessary security investments”…

Read More

A hybrid espionage/influence campaign conducted by the Russian threat group ‘UNC5812’ has been uncovered, targeting Ukrainian military recruits with Windows and Android malware. According to Google’s threat intelligence, the campaign impersonated a “Civil Defense” persona along with a website and dedicated Telegram channel to distribute malware through a fake recruitment avoidance app dubbed “Sunspinner” by…

Read More

Free, a major internet service provider (ISP) in France, confirmed over the weekend that hackers breached its systems and stole customer personal information. The company, which says it had over 22.9 million mobile and fixed subscribers at the end of June, is the second-largest telecommunications company in France and a subsidiary of the Iliad Group,…

Read More

The FBI and the U.S. Cybersecurity & Infrastructure Security Agency (CISA) have disclosed that Chinese hackers breached commercial telecommunication service providers in the United States. The breached entities have been warned, and the agencies are proactively alerting other potential targets of the elevated cyber activity. “The U.S. Government is investigating the unauthorized access to commercial…

Read More

The Dutch National Police seized the network infrastructure for the Redline and Meta infostealer malware operations in “Operation Magnus,” warning cybercriminals that their data is now in the hands of the law enforcement. Operation Magnus was announced on a dedicated website that disclosed the disruption of the Redline and Meta operations, stating that legal actions based on the seized…

Read More

Security Information and Event Management (SIEM) systems play a crucial role in modern cybersecurity strategies. These powerful tools collect, analyze, and correlate data from various sources across an organization’s IT infrastructure to detect and respond to security threats. However, the effectiveness of a SIEM solution heavily depends on how well an organization manages and retains…

Read More

Fog and Akira ransomware operators are increasingly breaching corporate networks through SonicWall VPN accounts, with the threat actors believed to be exploiting CVE-2024-40766, a critical SSL VPN access control flaw. SonicWall fixed the SonicOS flaw in late August 2024, and roughly a week later, it warned that it was already under active exploitation. At the…

Read More

Windows 11 24H2 is unavailable for thousands of users due to safeguard or compatibility holds Microsoft has placed on specific device and software configurations. Microsoft places compatibility holds on specific devices using hardware or applications that may conflict with Windows 11 24H2, causing crashes, performance issues, freezes, or other unusual behavior. These holds will prevent…

Read More