Critical Adobe ColdFusion flaws chained in ongoing cyber attacks

Two vulnerabilities in the Adobe ColdFusion platform are being actively exploited by threat actors in a series of cyber attacks, apparently after a proof of concept (PoC) for one of them was... Read more »

The essential role of PETs in unlocking the trillion dollar SaaS market

The digital realm has undergone a dramatic transformation over the last decade. At the forefront of this evolution is Software as a Service (SaaS), which has revolutionised the business ecosystem by offering... Read more »

AI in cyber security: Distinguishing hype from reality

On the other hand, AI can also be a powerful tool within the hands of cyber security professionals, with many AI-powered security technologies being developed and applied in the cyber security industry... Read more »

Microsoft issues new warning over Chinese cyber espionage

A Chinese-state advanced persistent threat (APT) actor tracked as Storm-0558 hacked into email accounts at multiple government agencies, and was able to lay low for over a month until being discovered and... Read more »

One month after MOVEit: New vulnerabilities found as more victims are named

Although much of the initial panic surrounding the late-May breach of Progress Software’s MOVEit file transfer tool has subsided, Clop – the ransomware operation behind the attack – continues to leak victims’... Read more »

Cozy Bear lures victims with used BMW 5 Series

The Russian intelligence-backed advanced persistent threat (APT) group known variously as APT29, Nobelium or Cozy Bear, arguably most famous for the 2020/1 SolarWinds incident, has been caught trying to ensnare diplomats working in... Read more »

Whistleblower contacts NatWest customers affected by a decade-old data breach

A whistleblower is contacting NatWest customers affected by a data breach which has forced her to store the sensitive information of around 1,600 of the bank’s customers in her home for over... Read more »

Hackers: We won’t let artificial intelligence get the better of us

Artificial intelligence (AI) doesn’t stand a chance of being able to replicate the human creativity needed to become an ethical hacker, but it will disrupt how hackers conduct penetration testing and work... Read more »

Microsoft users on high alert over dangerous RCE zero-day

Microsoft has disclosed a potentially serious remote code execution (RCE) zero-day under active exploitation – by a group with alleged links to the Russian intelligence services – among more than 100 other... Read more »

Malicious URL volumes soar as cyber criminals pull on Threads

Cyber fraudsters and scammers are already attempting to exploit last week’s launch of Meta’s latest social media venture, a “Twitter-killer” called Threads, to conduct phishing attacks and distribute malwares, according to analysis... Read more »