%20(1).png?w=1140&resize=1140,855&ssl=1 "SaaS Permissions: Are Employees Granting Too Much Access?")
Today, the average employee juggles dozens of SaaS apps—each requesting access with a quick click. But how many employees check whether those permissions (granted in moments to boost productivity) might be unlocking sensitive company data? While businesses thrive on the… Read More "SaaS Permissions: Are Employees Granting Too Much Access?"
May 28, 2025Ravie LakshmananCybersecurity / Cyber Espionage The Czech Republic on Wednesday formally accused a threat actor associated with the People’s Republic of China (PRC) of targeting its Ministry of Foreign Affairs. In a public statement, the government said it… Read More "Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack"
From boardroom conversations to industry events, “artificial intelligence” is the buzz phrase that’s reshaping how we collectively view the future of security. The perspectives are diverse, to say the least. Some insist that AI is a long overdue silver bullet,… Read More "Separating hype from reality: How cybercriminals are actually using AI"
What practical AI attacks exist today? “More than zero” is the answer – and they’re getting better. 22 Apr 2025 • , 3 min. read It was bound to happen – LLM tech gone rogue was bound to be brought… Read More "Will super-smart AI be attacking us anytime soon?"
A security flaw in Microsoft’s OneDrive File Picker has exposed millions of users to potential data overreach. According to new findings from Oasis Security, the issue lies in how the picker requests OAuth permissions, granting applications broad access to a… Read More "Microsoft OneDrive Flaw Exposes Users to Data Overreach Risks"
May 28, 2025Ravie LakshmananRansomware / Data Breach An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the Robbinhood ransomware. Sina Gholinejad (aka Sina Ghaaf), 37, and his co-conspirators are… Read More "Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore"
The form and quiz-building tool is a popular vector for social engineering and malware. Here’s how to stay safe. 23 Apr 2025 • , 5 min. read When Google enters a particular market, it often means bad news for the… Read More "How fraudsters abuse Google Forms to spread scams"
A spoofed Bitdefender website has been used in a malicious campaign to distribute VenomRAT and two other malware tools, giving attackers deep access to victims’ systems. The fake site, titled DOWNLOAD FOR WINDOWS, mimics Bitdefender’s legitimate antivirus download page but redirects… Read More "Fake Bitdefender Site Spreads Trio of Malware Tools"
May 28, 2025Ravie LakshmananIoT Security / Cryptocurrency Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet is designed to conduct brute-force attacks against SSH instances to expand… Read More "New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto"
Der Coca-Cola-Abfüller Coca-Cola Europacific Partners ist von einem Datenleck betroffen. Tetiana Chernykova – shutterstock.com Cyberkriminelle behaupten in einem Darknet-Post, mehr als 64 Gigabyte Daten mit 23 Millionen Einträgen von Coca-Cola Europacific Partners gestohlen zu haben. Darunter befinden sich demnach Kundendaten… Read More "Hacker stehlen Coca-Cola-Daten"
