Cisco firewalls exploited by state-sponsored hackers
According to the security watchdogs of the United Kingdom, Canada and Australia, unknown state hackers have been behind attacks on Cisco firewalls since November 2023. Through these breaches, the attackers have deployed malware for espionage purposes.
Cisco has now confirmed these infiltrations.... Read more
‘Project Melissa’ coalition reveals victims of Cactus ransomware
The so-called Cactus ransomware group strikes worldwide. However, a Dutch-based collective has this criminal enterprise in sight. 'Project Melissa,' a coalition between Fox-IT, Northwave, Responders and several state agencies, among others, has mapped the indicators of compromise (IOCs) to prevent ... Read more
‘One in three applications contains serious vulnerability’
One in three applications contains a major or critical vulnerability. Outdated software, failure to install updates and lack of multifactor authentication are the biggest culprits.
These are the most important findings in a study by Dutch security company Computest about the state of application... Read more
Veeam acquires Coveware to better protect customers against ransomware
With Coveware, Veeam gains new incident response options. Coveware's technology and staff deal with ransomware assessment and negotiation to end downtime as quickly as possible.
Coveware is used mainly by cyber extortion victims, but the service can also help enterprises prepare for incident res... Read more
Hackers spread malware via URLs in GitHub comments
Cybercriminals are spreading malware-linked URLs of ostensibly Microsoft repositories through the comments of GitHub projects. The method of malware distribution is very dangerous and persistent.
According to research, cybercriminals are actively trying to spread malware through URLs posted in t... Read more
Bug bounty in practice: the final layer of security
What does a bug bounty program look like, and what does it deliver? We talk to Visma about its usefulness for security professionals and the ultimate benefit for the user of the software.
"With the bug bounty program, we have extra eyes looking at our products," explains Chief Information Securi... Read more
Increase of nearly 60 percent in phishing attacks
The year-over-year growth is primarily attributed to the use of generative AI for voice phishing (vishing) and deepfake phishing.
That's what data from Zscaler shows. The company analyzed 2 billion blocked phishing transactions on its Zero Trust Exchange platform. Cybercriminals appear to use ge... Read more
Dutch Single Quantum achieves long-distance Quantum Key Distribution
In cooperation with Toshiba, Single Quantum has made the technology suitable for more than 300 kilometres of fibre-optic connections.
In Quantum Key Distribution (QKD), high-performance and quantum computers generate keys that are resistant to decryption. Toshiba's QKD technology is delivered ov... Read more
WordPress plugin for web forms contains critical vulnerability
WordPress websites using the Forminator plugin for web forms are extremely vulnerable to uploading and executing malicious files. Japan's Computer Emergency Response Team Coordination Center (JPCERT/CC) is sounding the alarm about this.
JPCERT/CC has issued an alert for the critical vulnerabilit... Read more
Vulnerability in Windows Defender leads to data loss
Attacks on Windows Defender and Kaspersky EDR allow remote file deletion. Even after patches, hackers can still exploit these tools' vulnerabilities.
In a presentation at Black Hat Asia, security firm SafeBreach revealed that Windows Defender and Kaspersky EDR are vulnerable to remote-access att... Read more