Blog

The commissions of the House of Commons and House of Lords have followed the UK government by banning social media app TikTok over cybersecurity concerns. A parliament spokesman said that TikTok “will be blocked from all parliamentary devices and the wider parliamentary network,” a move that TikTok has described as “misguided” and “based on fundamental […]

A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by the broader cybersecurity community under Bronze President, HoneyMyte, Mustang Panda, RedDelta, and Red Lich. Attack chains mounted by the group commence with aRead More

Despite some instability over the past six months, the cryptocurrency market is still seen by many as a get-rich-quick scheme. Accordingly, the stream of scammers feeding off this topic won’t be running dry any time soon. To lure victims into their traps, they continue to come up with new ploys, each more innovative than the […]

Cloud-based repository hosting service GitHub said it took the step of replacing its RSA SSH host key used to secure Git operations “out of an abundance of caution” after it was briefly exposed in a public repository. The activity, which was carried out at 05:00 UTC on March 24, 2023, is said to have been […]

Any app that can improve business operations is quickly added to the SaaS stack. However, employees don’t realize that this SaaS-to-SaaS connectivity, which typically takes place outside the view of the security team, significantly increases risk. Whether employees connect through Microsoft 365, Google Workspace, Slack, Salesforce, or any other app, security teams have no way […]

Network defenders searching for malicious activity in their Microsoft Azure, Azure Active Directory (AAD), and Microsoft 365 (M365) cloud environments have a new free solution at their disposal: Untitled Goose Tool. Released by the Cybersecurity and Infrastructure Security Agency (CISA), it is an open-source tool that allows users to export and review logs, alerts, configurations, […]

Intel has launched the latest Intel vPro platform, which is powered by 13th Gen Intel Core processors and offers a broad range of features, including powerful security measures. The extensive commercial portfolio will offer over 170 laptops, desktops, and entry-level workstations, in collaboration with Acer, ASUS, Dell, HP, Lenovo, Fujitsu, Panasonic, and Samsung. IDC’s latest […]

Italian cybersecurity firm Cleafy has found “Nexus”, a new Android Trojan capable of hijacking online accounts and siphoning funds from them, to be targeting customers from 450 banks and cryptocurrency services worldwide. First observed in June 2022 as a variant of SOVA, another Android banking Trojan, Nexus has since improved targeting capabilities and is available […]

A malicious Python package on the Python Package Index (PyPI) repository has been found to use Unicode as a trick to evade detection and deploy an info-stealing malware. The package in question, named onyxproxy, was uploaded to PyPI on March 15, 2023, and comes with capabilities to harvest and exfiltrate credentials and other valuable data. It […]

SaaS-based external attack surface management (EASM) company Cyberpion has rebranded as Ionix, at the same time adding a clutch of new cybersecurity capabilities to its namesake offering. Designed to provide a “wider coverage and deeper focus” into its customers’ internet-facing assets and connected dependencies, the revamp of Ionix’s system will feature new abilities such as extending […]