January 2024

Vercara UltraSecure offers protection from malicious attacks Vercara is introducing UltraSecure bundles designed to meet the online security needs of mid-size companies. These flexible packages offer enterprise-grade, custom solutions that protect critical applications, secure online properties and increase web performance. While mid-size companies and SMBs have the same security needs as larger enterprises, these organizations […]

The right strategy for effective cybersecurity awareness Employees play a significant role in safeguarding organizational assets. With a constantly evolving threat landscape, cybersecurity awareness training is an essential component in creating a good security culture. Why cybersecurity awareness training? 81% of organizations were hit by malware, phishing, and password attacks in 2022, mostly targeting users.

Newcastle United’s chairman, Yasir al-Rumayyan, is facing a £58m lawsuit for allegedly “having carried out the instructions” of Saudi Arabia’s crown prince, Mohammad bin Salman, with “malicious intent”, it has been reported. The claims, which are said to be made in legal papers sent to Rumayyan at several locations, including at St James’ Park, also

As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. “These families allow the threat actors to circumvent authentication and provide backdoor access to these devices,” Mandiant said in an analysis published

Akira ransomware attackers are wiping NAS and tape backups “The Akira ransomware malware, which was first detected in Finland in June 2023, has been particularly active at the end of the year,” the Finnish National Cybersecurity Center (NCSC-FI) has shared on Wednesday. NCSC-FI has received 12 reports of Akira ransomware hitting Finnish organizations in 2023,

Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising headline from 2023 is that ransomware again set new records for a number of incidents and the damage inflicted. We saw new headlines every week, which included a who’s-who of big-name organizations. If MGM, Johnson

The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host and deliver malicious payloads and act as dead drop resolvers, command-and-control, and data exfiltration points. “Using GitHub services for malicious infrastructure allows adversaries to blend in with legitimate network traffic, often bypassing traditional security defenses

A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS), Microsoft 365, PayPal, Sendgrid, and Twilio. “Key features include credential harvesting for spamming attacks, AWS account hijacking tools, and functions to enable attacks against PayPal and various

Microsoft has disabled the App Installer feature to protect users and prevent threat actors from maliciously exploiting its products and features. The ms-appinstaller URI scheme, which allows users to download and install apps directly from websites using the MSIX package installer, is being abused in malicious activities, reports Microsoft Threat Intelligence. Researchers found that ‘financially

The individuals confessed to creating variations of ransomware, enhancing the software through the utilization of OpenAI’s ChatGPT, carrying out vulnerability scans, infiltrating networks to secure access, deploying ransomware, and engaging in extortion. Chinese media has reported the country’s first major step towards countering the use of ChatGPT as four Chinese individuals have been arrested for