Threats

Hackers Use RMM Software to Breach Federal Agencies

Cybercriminals recently breached U.S. federal agencies using remote monitoring and management (RMM) software as part of a widespread campaign. The malicious campaign began in June 2022 or earlier a...

Threat Groups Distributing Malware via Google Ads

Security researchers are warning that Google Ads are being actively leveraged to distribute malware to unsuspecting victims searching for software downloads. On January 20, CronUp researcher Germán...

Cybercriminals Use VSCode Extensions as New Attack Vector

Microsoft's Visual Studio Code integrated development environment (IDE) is used by as much as 75% of developers, so any security issue has widespread implications. And Aqua Nautilus researchers have d...

ChatGPT’s Dark Side: An Endless Supply of Polymorphic Malware

CyberArk researchers are warning that OpenAI's popular new AI tool ChatGPT can be used to create polymorphic malware. "'s impressive features offer fast and intuitive code examples, which are incre...

Microsoft Patch Tuesday Fixes 11 Critical Vulnerabilities, One Zero-Day

Microsoft's first Patch Tuesday of 2023 addresses 98 vulnerabilities, more than twice as many as last month – including one zero-day flaw that's being actively exploited, as well as 11 critical flaws...

Rackspace Breach Linked to New OWASSRF Vulnerability

Rackspace has acknowledged that it was hit by the Play ransomware a month ago in an attack that compromised customers' Microsoft Exchange accounts. The attackers apparently leveraged a zero-day vulne...

How to Prevent SQL Injection: 5 Key Methods

Most modern websites and applications connect to databases and the databases are programmed using Structured Query Language (SQL). SQL injection (SQLi) vulnerabilities arise when websites do not adequ...

Ransomware Protection: How to Prevent Ransomware Attacks

The best way to prevent ransomware is also the best way to prevent any malware infection - to implement security best practices. Of course, if best practices were easy, no ransomware attacks would o...

Patch Tuesday Fixes Actively Exploited MOTW Vulnerability

Microsoft's December 2022 Patch Tuesday includes fixes for over four dozen vulnerabilities, six of them critical – including a zero-day flaw in the SmartScreen security tool, CVE-2022-44698, that's b...

Researchers Warn of Exploit that Bypasses Web Application Firewalls

Team82 researchers have disclosed an attack technique that bypasses industry-leading web application firewalls (WAFs) by appending JSON syntax to SQL injection payloads. "An attacker able to bypas...

Latest articles