KrofekSecurity

Google Introduces New Password Manager PIN for Enhanced Security Across Devices In a bid to elevate user security, Google unveiled a notable upgrade to its Password Manager on Thursday. This new feature allows Chrome web users to sync their passkeys across various platforms, including Windows, macOS, Linux, ChromeOS, and Android devices. The latest enhancement promises…

# Ivanti’s Unplanned Tangle: Critical Security Flaw in CSA Actively Exploited ## Unveiling the Vulnerability In the ever-evolving battlefield of IT security, Ivanti has found itself on the front lines with a new critical vulnerability that has shaken its Cloud Service Appliance (CSA). This flaw, identified as CVE-2024-8963, has gained notoriety among cybersecurity circles due…

Service Accounts: The Silent Targets of Modern Cyber Attacks Until just a couple of years ago, only a handful of Identity and Access Management (IAM) professionals really understood what service accounts are. Fast forward to today, and these silent non-human identities (NHI) have become one of the most targeted and compromised attack surfaces in cybersecurity….

TeamTNT Cryptocurrency Miners Resurface with New Attacks on VPS Infrastructures In the ever-evolving landscape of cybersecurity threats, it appears that the infamous cryptojacking gang, TeamTNT, is back in action. After a period of relative inactivity, this nefarious group has resurfaced, setting its sights on Virtual Private Server (VPS) infrastructures, with a particular focus on systems…

Threat Actors Target Construction Sector through FOUNDATION Accounting Software The construction sector has come under siege from cybercriminals exploiting vulnerabilities in FOUNDATION Accounting Software. According to new findings from Huntress, an IT security firm specializing in threat detection and prevention, these attacks indicate a troubling trend toward increased targeting of essential industries using specialized software….