Cybersecurity News Hero

Combing the world for the cybersecurity stories you need to know.

Cybersecurity News
Finastra data security breach
Finastra's Secure File Transfer Platform Breached: 400GB of Data at Risk
December 28, 2024
Finastra is a leading financial technology firm that serves over 8,000 institutions across the globe, providing software and services to 45 of the world’s top 50 banks. Reporting $1.9 billion in revenue last year, Finastra…
Read More >
Smokeloader
Old Exploits, New Threats: How SmokeLoader Continues to Haunt Vulnerable Systems
December 18, 2024
What is old is new again. That could be the mantra for cybersecurity vulnerabilities. The focus is on discovering new vulnerabilities before attackers can use them, but according to an August 2023 cybersecurity advisory published…
Read More >
Microsoft AD CVE-2024-49019
Privilege Escalation Time Bomb: Microsoft AD CS Vulnerability Puts Domains at Risk
December 17, 2024
A newly uncovered flaw in Microsoft’s Active Directory Certificate Services (AD CS), CVE-2024-49019, exposes enterprise domains to significant risk. By exploiting misconfigured certificate templates, attackers can escalate privileges to Domain Administrator, gaining unrestricted control over…
Read More >
New Year 9253766 1280
From Insider Risks to Hacker Wars: The Trends Redefining Cybersecurity in 2025
December 16, 2024
Earlier this month, Experian released its 12th Annual Data Breach Industry Forecast, which outlines several predictions for cybersecurity trends to watch in 2025. The report also reveals a sobering new reality: the very technologies designed…
Read More >
Faucet 1684902 1280
The Hidden Cyber Threats Endangering U.S. Drinking Water Systems
December 13, 2024
In January of 2024, several water and wastewater plants in Texas were targeted by hackers, later linked to a Russian group, who gained access to certain supervisory control and data acquisition (SCADA) systems. Fortunately, consequences…
Read More >
Code 820275 1280
New Report Warns of AppSec Fatigue and AI Overconfidence Threatening Open Source Software Security
December 12, 2024
The 2024 State of Open Source Security report reveals a troubling new trend: “AppSec fatigue,” where open source development teams are increasingly overwhelmed by the high volume of security vulnerabilities they must address to develop…
Read More >
Jet 2736962 1280
The Dream Job Scam: Iranian Hackers Target Aerospace Sector with Sophisticated Cyber Espionage
December 11, 2024
The promise of a dream job is a powerful lure. For employees in the aerospace and defense industries, it’s also become a dangerous one. An advanced cyber-espionage campaign, dubbed the Iranian "Dream Job" scam, has…
Read More >
Operation Lunar Peak Palo Alto Networks
Operation Lunar Peek: A New Cyber Threat Targets Vulnerable PAN-OS Systems
December 04, 2024
An emerging cyberattack campaign has been identified and dubbed “Operation Lunar Peek,” affecting Palo Alto Networks’ PAN-OS software. Exploiting two critical PAN-OS vulnerabilities, the campaign has already had a significant impact, compromising over 2,000 devices…
Read More >
identity fraud deepfake artificial intelligence
AI's Role in the Evolution of Identity Fraud
December 03, 2024
Identity fraud has entered a new era thanks to the rise of artificial. Once a manual, labor-intensive endeavor, identity fraud has evolved into a sophisticated, AI-enabled industry. According to the 2025 Identity Fraud Report, digital…
Read More >
holiday scams
Holiday Scams on the Rise: How Cybercriminals Exploit the Season of Giving
December 02, 2024
The holiday season is always a time of heavy activity for cybercriminals, as they take advantage of the heightened emotions, increased shopping and travel activity, and busy preparations to create ripe targets for attacks. Many…
Read More >
email fraud cyber insurance
The Rising Threat of Email Fraud: How Businesses Can Stay Ahead of Cybercriminals
November 29, 2024
It's 4:48 pm on the Friday before a long weekend, and you have just received an email from the CEO requesting immediate payment or an important deal will fall through. This could be genuine, but…
Read More >
CISA Jen Easterly
Leadership Shift Imminent at CISA
November 26, 2024
A Cybersecurity and Infrastructure Agency (CISA) spokesperson recently announced that all appointees of the Biden-Harris administration will vacate their positions by inauguration day. As the U.S. begins to prepare for the official presidential transition, CISA…
Read More >
security debt application security financial
Mounting Security Debt Is Putting Financial Services at Risk
November 22, 2024
Many financial institutions have a debt problem. Not a monetarily but a software security one. Veracode’s State of Software Security 2024 study reports that over three out of four (76%) financial organizations have security debt,…
Read More >
FIDO Alliance passkeys passwords
From Frustration to Security: How Passkeys Are Transforming the Way We Log In
November 21, 2024
Passwords have been a cornerstone of digital authentication for decades, but their flaws are becoming increasingly apparent. According to the FIDO Alliance's latest report, "password pain" has led 42% of consumers to abandon purchases due…
Read More >
Traceable API security report
Rethinking API Security: Generative AI, Bots, and the Need for New Defenses
November 20, 2024
API vulnerabilities–and their potential impact on a company’s cybersecurity defenses–are a real and growing concern. Traceable recently released its second annual research report, the 2025 Global State of API Security, and found that most organizations…
Read More >
Remcos RAT trap Fortinet
The Remcos RAT Trap: How Phishing Campaigns Are Exploiting Old Vulnerabilities for Remote Control
November 19, 2024
The manipulation of remote administration tools (RATs) for cyberattacks is on the rise, with bad actors evading security measures to exploit known vulnerabilities. The dangers here are many, as leveraging RATs grants attackers high levels…
Read More >
RaaS ransomware-as-a-service
RaaS Revolution: How Ransomware-as-a-Service is Escalating the Corporate Cybersecurity Arms Race
November 18, 2024
Ransomware has evolved from isolated, opportunistic attacks into a sprawling, professionalized industry. Today, cybercriminals have access to Ransomware-as-a-Service (RaaS) platforms that provide powerful tools and infrastructure, making it possible for even novice attackers to launch…
Read More >
human-operated attacks ransomware
Microsoft Report Finds Human-Operated Attacks and Unmanaged Devices Are Leading to More Cyberattacks
November 14, 2024
The newly released Microsoft Digital Defense Report 2024 provides in-depth analysis and insights into the latest trends in cybersecurity. This report is crucial for any organization looking to stay informed about the latest threats and…
Read More >
Subscribe for the Latest News
Webinars
Is Your Security Built for Today’s World?
Register Now
Cloud Ransomware Tabletop: Unpacking an Attack from Detection to Recovery
Register Now
The 4 Levels of Cloud Cyber Resilience: Where Does Your Organization Stand?
Register Now