BeyondTrust says hackers hit its remote support products
BeyondTrust says it spotted an attack in early December 2024 It found some of its Remote Support SaaS instances were compromised It also found and patched two zero-day flaws BeyondTrust…
Safety policies are needed for safe AI adoption, security leaders say
Suyrvey finds Generative AI is being used more than ever in cybersecurity Security leaders overwhelmingly prefer GenAI through platforms The benefits don’t yet outweigh the risks for most New research…
Fortinet flags some worrying security bugs coming back from the dead
A Fortinet flaw, fixed in September 2023, was just flagged in a security bulletin The bug was first discovered in May 2023r, and allows crooks to take over vulnerable endpoints…
Tips to keep your smartphone just as safe as a government official
Table of Contents It’s the holiday season, and that means an onslaught of bad actors trying to ensnare digital shoppers into their scams. Even Google had to publish a self-pat-on-the-back…
Top Uber rival leaks user and driver data online
Indian ride-sharing company Rapido was found leaking driver and customer data The flaw stemmed from a faulty API The company was leaking names, emails, and phone numbers A major Indian…
Fake DocuSign and HubSpot phishing emails target 20,000 Microsoft Azure accounts
Unit 42 says phishing campaign targeted automotive, chemical, and industrial compound manufacturing industries More than 20,000 victims were successfully targeted The campaign has been disrupted, but users should still be…
Microsoft Teams and AnyDesk abused to deploy dangerous malware, so be on your guard
Criminals are reaching out to victims, offering to help with a “problem” To fix the issue, they request AnyDesk access If they get it, they drop the DarkGate malware and…
Government employees are still using Kaspersky despite the ban
Kaspersky products have only seen a 58% decline in use in the US The software was banned nearly 3 months ago 19 Government agencies still use the software Kaspersky was…
US government urges federal agencies to patch Microsoft 365 now
CISA issues BOD 25-01, the first binding directive of the year It addresses Microsoft 365 security, which is under threat Other cloud providers will be added soon, as well The…
Fake Ledger data breach emails used to trick victims into giving up recovery phrases
New phishing email scam impersonating Ledger spotted The emails claim the user’s Ledger wallet seed phrase was compromised, and asks for confirmation Users that provide the seed phrase lose all…