Blog Series
cybersecurity
Kaspersky reports Wroba.o to Google...
Kaspersky has discovered a new malicious app known as Wroba.o that uses DNS hijacking to steal victims’ personal and financial information. The app, discovered in the Google Play Store, masquerades...
How GPT models can be...
According to CyberArk researchers, GPT-based models like ChatGPT can be used to create polymorphic malware because they can generate large amounts of unique and varied text. The researchers claim that...
Attackers actively exploit Unpatched Control...
Malicious hackers have started exploiting a critical vulnerability CVE-2022-44877 in unpatched versions of the Control Web Panel, a popular free, closed-source web-hosting interface. The vulnerability allows remote code execution without...
Which Cybersecurity Compliance Standards Apply...
Regulations and standards guide companies toward a consistent cybersecurity response. Even if it sets just a minimal baseline, rulebooks still serve as an improvement on what could sometimes be a...
Attackers distribute malware via malicious...
Deep Instinct researchers reported that RATs like StrRAT and Ratty were used in a 2022 campaign via polyglot and JAR files. Both threats appear to report back to the same...
Cybersecurity Up in the...
On a fictional tv show that started airing last year, a spy fell out of grace by forgetting some classified intelligence papers on a public train. Said papers contained a...
CircleCI partners AWS to identify...
According to CircleCI’s CTO, Rob Zuber, CircleCI is working with Amazon Web Services to notify customers who have AWS tokens that may have been impacted by the Jan. 4 security...
Zoho patches high-severity SQL injection...
Zoho says it has patched several ManageEngine products for a newly disclosed high-severity SQL injection flaw. CVE-2022-47523 is a SQL injection (SQLi) vulnerability in ManageEngine Password Manager Pro, PAM360, and...
High severity flaw allow attackers...
According to ARMO researchers, The Kyverno admission controller for container images has a high-severity security vulnerability. Using a malicious image repository or MITM proxy, the bug (CVE-2022-47633) can be exploited...
Tips for Meeting PCI DSS...
Hackers frequently target payment card industry (PCI) data. To help protect against this, compliance regimes like the PCI Data Security Standard (PCI DSS) were put in place to protect cardholder...
Cybersecurity Insurance’s Usefulness Questioned Yet...
Cybersecurity insurance policies are considered by many to be a last resort safety net that, when things go wrong in a terrible way, provides at least a bit of hope...