Today, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), and international partners released joint Cybersecurity Advisory, 2023 Top Routinely Exploited Vulnerabilities. This advisory supplies details on the top Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors and their associated Common Weakness Enumeration(s) (CWE)…
Read MoreNorth Korean threat actors target Apple macOS systems using trojanized Notepad apps and minesweeper games created with Flutter, which are signed and notarized by a legitimate Apple developer ID. This means that the malicious apps, even if temporarily, passed Apple’s security checks, so macOS systems treat them as verified and allow them to execute without…
Read MoreCVE-2023-3519 Citrix NetScaler ADC and NetScaler Gateway: 13.1 before 13.1-49.13 13.0 before 13.0-91.13 NetScaler ADC: 13.1-FIPS before 13.1-37.159 12.1-FIPS before 12.1-55.297 12.1-NDcPP before 12.1-55.297 Citrix ADC and Citrix Gateway Security Bulletin for CVE-2023-3519, CVE-2023-3466, CVE-2023-3467 Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells Critical Security Update for NetScaler ADC and NetScaler Gateway CVE-2023-4966 Citrix NetScaler ADC and NetScaler…
Read MoreBlackFog unveils AI based anti data exfiltration (ADX) platform for ransomware and data loss prevention San Francisco, CA, 12 November 2024 – BlackFog, the leader in ransomware prevention and anti data exfiltration (ADX), today announced the launch of its next generation enterprise platform to deliver even more powerful ransomware and insider threat prevention. BlackFog’s pioneering…
Read MoreRecent reports have highlighted RansomHub’s use of the EDR Kill Shifter, a tool specifically designed to disable or bypass Endpoint Detection and Response (EDR) solutions during ransomware attacks. What is the EDR Kill Shifter? EDR Kill Shifter targets EDR solutions on a compromised system. It is designed to manipulate or terminate EDR processes, so that…
Read MoreAs organizations continue to align their operational strategies with evolving digital ecosystems and technologies, the concept of network resilience has become a priority. A major mindset shift is that modern networks must be designed not just for speed and efficiency but also for flexibility, security, and the ability to hold out against disruptions. Whether due…
Read MoreIn a significant move to strengthen the cybersecurity of the North American electric grid, the Federal Energy Regulatory Commission (FERC) released Order 887 in January 2023, which paved the way for NERC-CIP015, a new standard on Internal Network Security Monitoring (INSM). This directive, set forth by the North American Electric Reliability Corporation (NERC), addresses a…
Read MoreApple has added a new security feature with the iOS 18.1 update released last month to ensure that iPhones automatically reboot after long idle periods to re-encrypt data and make it harder to extract. While the company has yet to officially confirm this new “inactivity reboot” feature, law enforcement officers were the first to discover…
Read MoreVMware has announced that its VMware Fusion and VMware Workstation desktop hypervisors are now free to everyone for commercial, educational, and personal use. In May, the company also made VMware Workstation Pro and Fusion Pro free for personal use, allowing students and home users to set up virtualized test labs and experiment with other OSs…
Read MoreA new ransomware family called ‘Ymir’ has been spotted in the wild, encrypting systems that were previously compromised by the RustyStealer infostealer malware. RustyStealer is a known malware family first documented in 2021, but its appearance with ransomware demonstrates another example of the recent trend of cybercrime operations working together. According to Kaspersky researchers who discovered…
Read More