RansomwareRansomware payments drop 35% in 2024, first decrease since 2022Shaun NicholsFebruary 5, 2025The first half of 2024 recorded an increase in ransomware payouts.
Vulnerability ManagementVeeam Updater receives update for critical RCE flawLaura FrenchFebruary 5, 2025The vulnerability affects Veeam Backup for Salesforce, AWS, Microsoft Azure, Google Cloud and more.
Network SecurityInfostealers targeting macOS jumped by 101% in second half of 2024Steve ZurierFebruary 5, 2025While infostealers are often seen as less dangerous compared with trojans, they can exfiltrate sensitive data, leading to data breaches.
AI/MLMicrosoft fixes CVSS 9.9 vulnerability in Azure AI Face serviceLaura FrenchFebruary 4, 2025The flaw enabled authentication bypass by spoofing, with a proof-of-concept exploit available.
Network SecurityCISA, international agencies offer guidance on edge threatsShaun NicholsFebruary 4, 2025CISA posted a set of guidelines aimed at helping companies better secure the commonly used devices.
Vulnerability ManagementFlexibleFerret malware targets the macOS via North Korea job campaignSteve ZurierFebruary 4, 2025New malware strain a continuation of the North Korean Contagious Interview job lure campaign first described last December.
AI/MLGoogle reveals Gemini AI use by more than 40 state-sponsored APTsLaura FrenchFebruary 3, 2025Iran-backed groups were the most prolific adversarial users, while North Korean APTs used the LLM for likely IT worker scams.
Network SecurityRecord number of exploited security vulnerabilities reached in 2024Shaun NicholsFebruary 3, 2025A total of 768 CVE-listed vulnerabilities exploited in the wild, a 20% increase from 2023.
Government RegulationsDOJ, Dutch police take down group selling phishing tools to cybercriminalsSteve ZurierFebruary 3, 2025DOJ says the joint action with the Dutch National Police took down 39 domains of the Pakistani group Saim Raza.
MalwareAkamai warns of active attacks from new Mirai variantShaun NicholsJanuary 31, 2025A new Mirai-based botnet is causing internet backbone provider Akamai to sound the alarm
Build a vulnerability management program with internet exposure in mindAaron Unterberger February 5, 2025