Attackers are targeting enterprise users when they are online via attacks like spear phishing, malicious docs infected with malware/ransomware. Today SASE/SSE’s Secure Web Gateway (SWG) component is touted as the solution to this problem. These SWGs look at traffic between the enterprise users and websites and try to infer attacks. Unfortunately, a...
Threat operation UAT4356, also known as Storm-1849, which was behind the ArcaneDoor cyberespionage campaign that targeted Cisco firewalls and other vendors' perimeter network devices, has been associated with China following an investigation of the group's attack infrastructure, according to The Hacker News.
Android devices on the latest version of the operating system were discovered to be impacted by a vulnerability that exposes DNS queries upon switching VPN servers despite the activation of the "Always-on VPN" functionality while blocking connections that do not have VPN, according to BleepingComputer.
BleepingComputer reports that online banking accounts across Finland were noted by the country's Transport and Communications Agency, or Traficom, to have been targeted by ongoing Android malware attacks.
Attacks leveraging the critical Microsoft Outlook privilege escalation vulnerability, tracked as CVE-2023-23397, have been launched by Russian state-sponsored threat operation APT28 — also known as Forest Blizzard, BlueDelta, Fancy Bear, and TA422 — against the Czech Republic and Germany as part of a long-term cyberespionage campaign, according to The Hacker News.
How companies are benefiting from the enterprise browser. It's not just security when talking about the enterprise browser. It's the marriage between security AND productivity. In this interview, Mike will provide real live case studies on how different enterprises are benefitting. Segment Resources: https://www.island.io/resources, https://www.isl...
BleepingComputer reports that numerous Android apps with over four billion downloads are susceptible to the novel Dirty Stream attack, which involves the exploitation of a flaw in Android's content provider system that could enable arbitrary code execution and secrets compromise.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.