• Slider Image
CIO Corner

CIO Corner

Strategy and recommendations

Read More

Cybersecurity

Cybersecurity

Latest cybersecurity and recommendations

Read More

Pentera’s 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous Validation

In 2024, Pentera’s survey reveals a concerning reality: despite employing an average of 53 security solutions, 51% of organizations faced cyberattacks in the past two years. These breaches resulted in unplanned downtime, data exposure, and financial losses. Notably, only 7% of enterprises escaped significant impact. CISOs now share pentest results with boards of directors, reflecting…

MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws

MITRE Corporation disclosed a nation-state cyber attack exploiting two zero-day vulnerabilities in Ivanti Connect Secure appliances since January 2024. The breach compromised its NERVE research network, bypassing multi-factor authentication. Threat actors utilized CVE-2023-46805 and CVE-2024-21887 to infiltrate, escalate privileges, and establish persistence via backdoors and web shells. MITRE reassured no core systems were affected and…

Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage

North Korean state-sponsored cyber actors have adopted artificial intelligence (AI) to enhance their operations, Microsoft reports. Emerald Sleet, a prominent group, utilizes AI-driven large language models (LLMs) for spear-phishing and reconnaissance, joining Chinese hackers in AI usage. They also employ AI for technical problem-solving and content creation. Collaboration with OpenAI helps thwart these threats. Kimsuky,…

Malware dev lures child exploiters into honeytrap to extort them

A malware developer has taken an unusual approach by creating a malicious campaign targeting individuals searching for child exploitation material. The malware, dubbed ‘CryptVPN,’ poses as a subscription service for accessing illicit content. Users are enticed with a free download but end up installing ransomware instead. Once infected, their wallpaper changes to an extortion demand,…

New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth

A new information stealer, likely a variant of RedLine Stealer, has emerged, utilizing Lua bytecode for enhanced stealth. RedLine Stealer, documented since March 2020, targets cryptocurrency wallets, VPNs, and browsers for sensitive data. McAfee found the malware abusing GitHub, disguising itself as game cheats in ZIP files, leveraging Microsoft repositories. The malware, spread via MSI…

Subscribe Today

Signup for a daily newsletter

Sign up to receive daily content in your inbox

We don’t spam! Read our privacy policy for more info.