Author Info

On January 9, 2025, cybersecurity firms have rolled out crucial updates to address significant vulnerabilities in products by Palo Alto Networks, SonicWall, and Aviatrix. These updates are pivotal to safeguarding systems from potentially severe exploits. Palo Alto Networks’ Expedition Tool Vulnerabilities Palo Alto Networks has issued patches for its Expedition

On Monday, 1Password announced its acquisition of Trelica, a UK-based company specializing in SaaS access management tools. Although the financial terms remain undisclosed, this purchase represents the most significant acquisition by revenue in 1Password's 18-year history. Company Backgrounds 1Password is renowned for its password management services and the

Japanese electronics company Casio has announced the results of its investigation into a recent ransomware attack that has affected thousands of individuals. In early October 2024, Casio disclosed network disruptions and system failures due to unauthorized access. Ransomware Attack Confirmation Shortly after the initial disclosure, Casio confirmed that a ransomware

Cybersecurity researchers have identified a sophisticated threat known as NonEuclid, a remote access trojan (RAT) allowing malicious actors to hijack Windows computers. Developed in C#, NonEuclid incorporates advanced techniques to evade detection and gain unauthorized access. **Evasion Techniques** NonEuclid leverages methods such as bypassing antivirus programs and escalating privileges to

A sophisticated variant of the EAGERBEE malware has been identified, targeting internet service providers and government bodies in the Middle East. This updated version, also known as Thumtais, exhibits enhanced backdoor features that mark a notable advancement in its functionality. Advanced Backdoor Features The new EAGERBEE variant integrates multiple components

The International Civil Aviation Organization (ICAO), a United Nations entity setting global aviation standards, is currently investigating a cybersecurity breach. On Monday, ICAO disclosed that it's conducting an active assessment following reports of a possible security incident. The breach is allegedly tied to a known cybercriminal group targeting

Expanded Telecom Breaches Highlight Ongoing Chinese Cyber Threat Recent reports from the Wall Street Journal have surfaced, revealing that telecom giants Charter Communications, Consolidated Communications, and Windstream have fallen victim to the widespread Salt Typhoon hacking campaign attributed to Chinese state-sponsored actors. Growing List of Affected Telecoms The Salt Typhoon

Veracode, a leader in application security, has bolstered its portfolio by acquiring key technology components from Phylum, a rising startup specializing in software supply chain security. This acquisition includes Phylum’s advanced capabilities for analyzing, detecting, and mitigating malicious software packages, alongside integrating some of Phylum's expert personnel

The U.S. Treasury Department has announced sanctions against Beijing-based Integrity Technology Group, Inc. (Integrity Tech) for their involvement with the Flax Typhoon hacking group. The group, believed to be state-sponsored by China, used Integrity Tech's systems to orchestrate cyberattacks on U.S. and European networks for over