CISA warns of trojanized versions of JavaScript library’s NPM package

The warning comes days after three rogue packages, okhsa, klow, and klown discovered by DevSecOps firm Sonatype, were removed from the NPM repository. On Friday, the US Cybersecurity and Infrastructure…

FIN7 Lures Unwitting Security Pros to Carry Out Ransomware Attacks

The infamous Carbanak operator is moving is looking to juice its ransomware game by recruiting IT staff to its fake Bastion Secure ‘pen-testing’ company. The financially motivated cybercrime gang behind…

WinRAR vulnerability allowed attackers to remotely hijack systems

The vulnerability in WinRAR trialware could be abused by a remote attacker for executing arbitrary code on any system thus, getting an opportunity to launch a range of attacks. According…

Cisco SD-WAN Security Bug Allows Root Code Execution

The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw. Cisco SD-WAN implementations are vulnerable to a high-severity privilege-escalation vulnerability in the IOS IE operating system that could allow…

What Is Conti Ransomware?

Conti ransomware is an extremely damaging malicious actor due to the speed with which encrypts data and spreads to other systems. The cyber-crime action is thought to be led by…

What Is Extended Detection and Response (XDR)? Features, Benefits, and Beyond

Overloaded security teams, poor visibility, and threat alert overload have quite an impact when it comes to detecting and effectively responding to cyber threats. Since today’s cyberattacks are extremely tricky…

Ransomware: Looking for weaknesses in your own network is key to stopping attacks

Ransomware is a major cybersecurity threat to organisations around the world, but it’s possible to reduce the impact of an attack if you have a thorough understanding of your own…

All You Need to Know About DNS Spoofing to Keep Your Organization Safe

This post is also available in: Danish The DNS in and of itself has never been secure. Being created in the 1980s when the Internet was a complete novelty, protection…

Windows Defender Is an Underutilized Endpoint Security Resource

Microsoft Defender Antivirus suffers from a perception problem. For the first decade of its existence, starting with its 2006 release, Defender was a much-maligned piece of software that no business…

Hacker Exploits an Old Microsoft Office Vulnerability to Deliver RATs

Cybersecurity researchers have recently come across an unknown threat actor conducting a crimeware operation in which it attacks organizations in India and Afghanistan using political and government-themed malicious domains. As…