Microsoft Issues a Cyber Attack Warning Regarding Attempts to Hack Cloud Using SQL Server Instance
Attackers attempted lateral movement into a cloud environment via a SQL Server instance in a recent campaign, as outlined by Microsoft. In a report published on Tuesday, security experts Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen highlighted that “the attackers initially…
0 Comments4 Minutes
FBI Issues Warning About Rising Trend of Dual Ransomware Attacks on U.S. Businesses
Since at least July 2023, the FBI in the United States has been issuing warnings about a concerning new trend: simultaneous ransomware attacks targeting the same victims. According to an FBI advisory, these dual ransomware attacks involved two distinct versions selected from the following variants:…
0 Comments3 Minutes
Microsoft SharePoint Server authentication bypass exploit revealed.
GitHub provides proof-of-concept code for a serious authentication bypass vulnerability in Microsoft SharePoint Server that allows privilege escalation. Unauthenticated attackers can get administrator rights after exploiting CVE-2023-29357 in low-complexity attacks without user interaction. [FREE…
0 Comments3 Minutes
Google Releases Patch for Actively Exploited Zero-Day Vulnerability
Google rolled out fixes on Wednesday to address an actively exploited zero-day vulnerability in the Chrome browser. Tracked as CVE-2023-5217, this high-severity vulnerability is a heap-based buffer overflow in the VP8 compression format within libvpx, a free software video codec library developed…
0 Comments6 Minutes
Understanding How MDR Combats Cyberthreats
Threat actors are always active, leveraging vulnerabilities, phishing, remote access, and social engineering to inflict significant damage on an organization’s systems. Defending against the relentless and sophisticated barrage of cybersecurity threats is a challenge. Phishing attacks,…
0 Comments5 Minutes
“BlackCat” Ransomware Targets Azure Storage with Sphynx Cipher
The BlackCat (ALPHV) ransomware group has taken their malicious operations to the Azure cloud storage realm, employing stolen Microsoft accounts and the recently discovered Sphynx encryptor. [FREE E-BOOK] The Definite Blueprint for Cybersecurity in Manufacturing During an investigation into a…
0 Comments5 Minutes
A “cybersecurity incident” has occurred at the Weather Network.
The Weather Network reports that its systems have been impacted by a “cybersecurity incident” resulting in the unavailability of its website and mobile app. This incident marks the latest in a series of recent cyberattacks targeting Canadian organizations. [FREE E-BOOK] The Definite…
0 Comments4 Minutes
It’s High Time for Canadian Businesses to Bolster Cybersecurity
In light of the escalating ransomware attacks and other cyber threats across the nation, experts are emphasizing the urgency for Canadian businesses and organizations to fortify their cybersecurity measures. [FREE E-BOOK] The Definite Blueprint for Cybersecurity in Manufacturing Recently,…
0 Comments6 Minutes
Ransomware: Should you pay or not?
Ransomware is a type of malicious software that encrypts the victim’s data and demands a ransom for its decryption. It can cause significant disruption, damage, and financial losses to individuals and organizations. As a result, while comprehensive security plans prioritize defence, they must also…
0 Comments7 Minutes
Targeted Account Hijacking Operation Affects LinkedIn Users
A concerning ongoing Hijacking Operation Affects LinkedIn Users has emerged, specifically targeting users of the LinkedIn platform. Victims of this breach are finding themselves locked out of their accounts, with the compromised profiles held hostage for ransom. [FREE E-BOOK] The Definite Blueprint…
0 Comments5 Minutes