U.S. telecom giant T-Mobile recently confirmed that it was targeted by Chinese threat actors in a sophisticated cyber campaign. The adversaries, known as Salt Typhoon, sought to gain access to valuable information, particularly focusing on cellphone communications of "high-value intelligence targets." This article dives into the incident, its implications, and how companies can protect themselves…
Active Exploitation of Vulnerabilities in Progress Kemp LoadMaster Recently, serious security flaws affecting Progress Kemp LoadMaster and VMware vCenter Server have been reported as actively exploited in the wild. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-1212 to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability has a CVSS score of 10.0,…
Zloglasna kibernetska kriminalna skupina, znana kot “888,” je razkrila občutljive podatke Appleton Harley-Davidson, vodilnega prodajalca motorjev. Ta podatkovna kršitev je sprožila velike skrbi o kibernetski varnosti in zaščiti podatkov znotraj podjetja. Kršitev naj bi razkrila osebne podatke skoraj 20.000 strank, kar je povzročilo pomisleke o varnosti podatkov in zasebnosti. Ta incident ponazarja, kako ranljiva so…
The Growing Problem of Secrets Leaks in IT According to research from GitGuardian and CyberArk, the threat of secrets leaks is on the rise. A shocking 79% of IT decision-makers have reported experiencing a secrets leak, up from 75% in the previous year. This is a clear indication that organizations are facing increasing vulnerabilities. At…
Understanding BabbleLoader: The Stealthy Malware Loader Cybersecurity researchers have recently uncovered detailed information about a new stealthy malware loader known as BabbleLoader. This sophisticated loader has been observed in real-world scenarios delivering various information stealer families, including WhiteSnake and Meduza. BabbleLoader is designed to remain under the radar, making it extremely challenging to detect. What…
Understanding the Secrets Leak Problem in IT According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% from the previous year’s report. In the digital landscape, the number of leaked credentials has reached alarming levels, with over 12.7 million hardcoded credentials found in public GitHub…
The Importance of Regular Network Penetration Testing for IT Leaders IT leaders understand the crucial role of network penetration testing in today’s cyber landscape. Regulators and cyber insurers often mandate this testing to fortify defenses against cybercriminals. However, it’s essential to consider that hackers do not wait for compliance schedules. They are continuously probing for…
Google’s New Shielded Email Feature: Combatting Spam with Ease Google is gearing up to launch an exciting new feature: Shielded Email. This initiative allows users to create unique email aliases when signing up for various online services, significantly enhancing privacy and reducing spam. With the rise of unwanted emails, Shielded Email could be a game-changer…
Understanding Cybercrime: A Closer Look What do hijacked websites, fake job offers, and sneaky ransomware have in common? They demonstrate how cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This reality underscores a crucial point: no system, person, or organization is truly off-limits to these attackers. Today's cybercriminals are becoming increasingly…
Understanding the Importance of Regular Network Penetration Testing IT leaders understand that keeping their networks secure is a top priority. Regulators and cyber insurers require regular network penetration testing to ensure that their defenses are effective. However, hackers do not stick to a schedule. They are always looking for vulnerabilities to exploit. This raises an…