CISA shares a catalog of 306 actively exploited vulnerabilities
The US CISA shared a list of vulnerabilities known to be exploited in the wild and orders US federal agencies to address them within deadlines. The US Cybersecurity and Infrastructure…
50% of internet-facing GitLab installations are still affected by a RCE flaw
Researchers warn of a now-fixed critical remote code execution (RCE) vulnerability in GitLab ‘s web interface actively exploited in the wild. Cybersecurity researchers warn of a now-patched critical remote code…
NATO releases its first strategy for Artificial Intelligence
This week, NATO Defence Ministers released the first-ever strategy for Artificial Intelligence (AI) that encourages the use of AI in a responsible manner. Artificial Intelligence (AI) is changing the global…
Protecting SMBs from Current Cybersecurity Threats
A Few Small Practices Can Have a Large Impact By Mike Mosher, Director of Technology, Cinch I.T. If you own a small or medium-sized business, you are a target of…
Making Sure the Lights Don’t Go Out
By Brett Raybould, EMEA Solutions Architect at Menlo Security The ransomware attack on Colonial Pipeline, the largest fuel pipeline in the US has shown just how vulnerable the energy industry…
58% of all nation-state attacks in the last year were launched by Russian nation-state actors
Microsoft revealed that Russia-linked cyberespionage groups are behind the majority of the nation-state cyber attacks on US government agencies. Microsoft revealed that most of the cyber attacks on US government…
Modern Times, Old Prejudices
The Hacker Era By Jordan Marcus Bonagura The century of constant acceleration Twenty-first century, more than a century of human evolution and great changes, a century of constant acceleration. Everything…
Twitch data breach updates: login credentials or card numbers not exposed
An anonymous individual has leaked the source code and data of the popular video streaming platform Twitch via a torrent file posted on 4chan. An anonymous 4chan user has published…
UK newspaper The Telegraph exposed a 10TB database with subscriber data
The UK media outlet The Telegraph has leaked 10 TB of subscriber data after failing to properly secure one of its databases. The UK newspaper The Telegraph’, one of the…
How to Close the Security Gap Between Identity and Access Management (IAM) and Shared Accounts
By Maurice Côté, Vice President of Business Solutions, Devolutions For more than half a century, passengers of London’s underground (a.k.a. The Tube) have been warned to “mind the gap” when…
Threat actors exploit a flaw in Coinbase 2FA to steal user funds
Threat actors stole funds from the accounts of more than 6,000 users of the crypto exchange Coinbase exploiting a flaw to bypass 2FA authentication. Threat actors have exploited a vulnerability…
Russia-linked Nobelium APT group uses custom backdoor to target Windows domains
Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant backdoor in Windows domains. Microsoft Threat Intelligence Center (MSTIC) researchers have discovered a new custom…