Security Strategy, Plan, BudgetNorth Korea’s IT worker scam linked to 2016 crowdfunding operationSteve ZurierJanuary 15, 2025Security pros say the link Secureworks made to a decade-old DPRK crowdfunding campaign are credible.
Vulnerability ManagementMicrosoft fixes 159 bugs in first Patch Tuesday of 2025Shaun NicholsJanuary 14, 2025The patch dump is the largest from Microsoft in over half a decade.
Vulnerability ManagementNew bug lets attackers bypass macOS system integrity protectionSteve ZurierJanuary 14, 2025Security pros call any bypass of SIP security significant – advise teams to patch right away.
MalwareMalicious WordPress database entry, widget steals credit card infoLaura FrenchJanuary 13, 2025The fileless script injection is difficult to detect using traditional scanning methods.
Governance, Risk and CompliancePastor indicted for Christian-themed cryptocurrency pyramid scamShaun NicholsJanuary 13, 2025Francier Obando Pinillo faces 26 counts of fraud for running a scam on his Pasco, Washington, congregation.
Vulnerability ManagementCritical 10.0 Aviatrix Controller flaw exploited in the wildSteve ZurierJanuary 13, 2025Aviatrix Controllers are prime targets because they have high-level privileges in cloud environments.
RansomwareFunkSec ransomware chases notoriety with AI-assisted codeLaura FrenchJanuary 10, 2025The group claimed 85 victims in December but shows signs of inexperience.
Network SecurityEmergency patch issued for Ivanti Connect Secure VPN flaw under attackShaun NicholsJanuary 10, 2025One or more threat actors are currently exploiting CVE-2025-0282 for remote takeover attacks on targeted networks.
Governance, Risk and ComplianceChinese hackers breach office that reviews foreign investments in USSteve ZurierJanuary 10, 2025Attack on the Committee on Foreign Investment in the U.S. was part of the recent Treasury Department breach.
Governance, Risk and ComplianceBiden readies executive order on cybersecurity after hacks linked to ChinaShaun NicholsJanuary 9, 2025The Biden White House is getting set to issue a last-minute order regarding cybersecurity regulations.
HIPPA Updates Loom as Healthcare Breaches Boom: Prevent and Protect with MicrosegmentationAntónio VasconcelosJanuary 14, 2025