Cyberattacks targeting medical organizations up 32% in 2024Shaun NicholsFebruary 11, 2025In 2024, 1 in 10 ransomware incidents struck a medical organization.
Build a vulnerability management program with internet exposure in mindAaron Unterberger February 5, 2025
Strengthening America’s backbone: The Center for Federal Civilian Executive Branch (FCEB) Resilience’s role in national securityBill BrennerJanuary 21, 2025
The hybrid workforce crisis: How it has weakened enterprise security, and what to do about itBill BrennerJanuary 13, 2025
Noma Security’s Niv Braun shares how he went from Unit 8200 to the cybersecurity startup worldSC StaffJanuary 10, 2025
Ransomware8base ransomware site seized, 4 suspects arrestedLaura FrenchFebruary 10, 2025An international law enforcement operation targeting the Phobos-linked group was led by German authorities.
Identity‘Next level’ brute-force attack uses 2.8 million IPs to target VPNsSteve ZurierFebruary 10, 2025Bad actors target VPNs from leading brands, such as Palo Alto Networks, Ivanti, and SonicWall.
RansomwareRansomware attackers turn to workers for data breach accessShaun NicholsFebruary 7, 2025Ransomware operators are pitching victims to infect additional machines on their company network.
Vulnerability ManagementCISA warns Trimble Cityworks customers of actively exploited RCE flawLaura FrenchFebruary 7, 2025Immediately patching is recommended due to the risk of RCE on Microsoft IIS web servers in critical infrastructure sectors.
Network Security3,000 exposed ASP.NET keys could perform code injection attacksSteve ZurierFebruary 7, 2025Microsoft worries the leaked keys could be pushed into development code without modification, leaving it open to security issues.
Threat IntelligenceKimsuky shifts tactics from traditional backdoors to RDP, proxiesLaura FrenchFebruary 6, 2025The North Korean APT group has leveraged a custom RDP Wrapper and new malware called forceCopy in recent campaigns.
AI/MLFormer Google engineer charged with stealing AI trade secretsShaun NicholsFebruary 6, 2025A Chinese national is facing multiple charges of economic espionage and theft of trade secrets after he was accused of stealing AI technology from Google
Vulnerability ManagementLinux kernel flaw added to CISA’s exploited vulnerabilities listSteve ZurierFebruary 6, 2025Flaw could let attackers escalate privileges on popular Google Android and Pixel devices.