Originally published by Abnormal Security.Bad actors have been using phishing emails to steal sensitive data for three decades. Impersonating a trusted individual or brand and manufacturing a sense of urgency, attackers deceive targets into providing private information like login credentials or bank account details.Because email wasn’t initially designed with security in mind, early email platforms […]
Monthly Archives: July 2024
The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. “These APKs continue the group’s trend of embedding spyware into curated video browsing applications, with a new expansion targeting mobile gamers, weapons enthusiasts, and TikTok fans,” SentinelOne security researcher […]
Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply chain compromise on June 18, 2024. The issue has since been remediated by Conceptworld as of June 24
Written by S Sreekumar, VP and Global Practice Head, Cybersecurity, HCLTech and José Grandmougin, Senior Director Consulting System Engineering GSI and OT, Fortinet.In the ever-evolving landscape of digital transformation, the convergence of Information Technology (IT) and Operational Technology (OT) emerges as a pivotal paradigm shift. Understanding the interconnected nature of these domains is not just […]
I wrote this Resume Worded review to explore the tools this AI platform offers. Considering the job market is now more competitive than ever, I wanted to evaluate the tool that claims to help job seekers catch recruiters’ attention with a well-crafted resume. If you want to learn more about Resume Worded and discover its […]
At the heart of every application are secrets. Credentials that allow human-to-machine and machine-to-machine communication. Machine identities outnumber human identities by a factor of 45-to-1 and represent the majority of secrets we need to worry about. According to CyberArk’s recent research, 93% of organizations had two or more identity-related breaches in the past year. It […]
OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. The vulnerability has been assigned the CVE identifier CVE-2024-6387. It resides in the OpenSSH server component, also known as sshd, which is designed to listen for connections from […]