Category: Uncategorized

Explore our 2024 Threat Analysis and 2025 Predictions In 2024, two key trends defined the cybersecurity landscape: the resilience of cybercriminal networks despite law enforcement actions and the growing complexity of enterprise attack surfaces. In addition, state-sponsored threat actors, primarily linked to China and Russia, intensified their focus on critical infrastructure and leveraged generative AI […]

A misconfigured database exposed 108.8 GB of sensitive data, including information on over 86,000 healthcare workers affiliated with ESHYFT, a New Jersey-based HealthTech company operating across 29 states. ESHYFT also provides a mobile platform that connects healthcare facilities with qualified nursing professionals. The exposed database was not password-protected or encrypted and contained a treasure trove […]

Journey with us to Myanmar’s shadowy scam factories, where trafficked workers are forced to run romance-baiting and fake tech support scams, and find out why a company’s mandatory hold time for tech support could lead to innocent users having their computers compromised. All this and more is discussed in the latest edition of the “Smashing […]

When it comes to safeguarding your privacy online, most people focus on securing passwords, encrypting communications, and clearing browsing history. While these practices are essential, they overlook one important element—metadata. This data, which is collected about your digital interactions, can often reveal more about you than you think. Metadata is an invaluable resource for online […]

A dual Russian-Israeli national, suspected of being a key developer for the LockBit ransomware operation, has been extradited to the United States to face charges. Rostislav Panev, 51, was arrested in Israel last August, where police reportedly found incriminating evidence on his laptop. This included credentials for LockBit’s internal control panel and a repository containing […]

Apple released emergency software patches Tuesday that address a newly identified zero-day vulnerability in the company’s WebKit web browser engine.  Tracked as CVE-2025-24201, an attacker can potentially escape the constraints of Webkit’s Web Content sandbox, potentially leading to unauthorized actions. The sandbox is a security feature that isolates untrusted web content in order to prevent […]

CSF 2.0 blueprint offered up for public review ANALYSIS The US National Institute of Standards and Technology (NIST) is planning significant changes to its Cybersecurity Framework (CSF) – the first in five years, and the biggest reform yet. First published in 2014 and updated to version 1.1 in 2018, the CSF provides a set of […]

Mar 14, 2025Ravie LakshmananSoftware Security / Cybercrime Users searching for pirated software are the target of a new malware campaign that delivers a previously undocumented clipper malware called MassJacker, according to findings from CyberArk. Clipper malware is a type of cryware (as coined by Microsoft) that’s designed to monitor a victim’s clipboard content and facilitate […]

ZDNET The ill-fated March Pixel update has apparently introduced yet another problem. When Google released its Pixel Feature Drop earlier this month, it introduced several new features, including real-time alerts for suspicious texts and the ability to share your location through Find My Device. Unfortunately, it also introduced several frustrating problems, including a screen-dimming issue, […]

Partnering with local health authorities not only helps prevent the next epidemic, but it also makes sure that these virological samples are kept secure—“so it’s not accidentally going to leak out of these public health facilities or not be stolen by a terrorist,” Robert Pope, director of Cooperative Threat Reduction at DTRA, explained in a […]