APT hackers use malicious Excel add-ins as an initial breach vector

Microsoft’s decision to block Visual Basic for Applications (VBA) macros by default in Office files downloaded from the Internet has prompted many attackers to improvise attack chains in recent months. Today, according to Cisco Talo, advanced persistent threat (APT) actors and the commodity malware family are increasingly using Excel extension files (.XLL) as their primary […]

Facebook pays $725 million to settle lawsuit over Cambridge Analytica data breach

Meta Platforms, the parent company of Facebook, Instagram, and WhatsApp, has agreed to pay $725 million to settle a lengthy class-action lawsuit filed in 2018. application used by Cambridge Analytica to access users’ personal information without consent for political advertising purposes. The proposed settlement, first reported by Reuters last week, is the latest penalty the […]

The Era of Cyber ​​Threat Information Sharing

We have spent 40 years protecting ourselves as individuals. We tried to trick and outsmart the cybercriminals, but when all our efforts failed, we thought of working with our peers to outnumber them. Cybercriminals don’t remake themselves every time. They have limited resources and limited budgets. So they use playbooks to attack a lot of […]

The Age of Sharing Cyber Threat Intelligence

We have spent 40 years protecting ourselves as individuals. We tried to trick and outsmart the cybercriminals, but when all our efforts failed, we thought of working with our peers to outnumber them.  Cybercriminals don’t remake themselves every time. They have limited resources and limited budgets. So they use playbooks to attack a lot of […]

BrasDex is a new Android malware from Casbaneiro Actors

A new Android malware called BrasDex was exposed to users in Brazil as part of a multi-platform campaign. The malware targets a series of Brazilian applications and high-performance Automated Transfer System (ATS) engines in an ongoing multi-platform campaign. Diving into Details BrasDex, a trojan for Android, was developed by the attackers who created the Casbaneiro […]

What Cybercrime & Security Will Look Like in 2023

Threat actors continue to adapt to the latest technologies, practices, and even privacy laws. It’s up to your organization to stay ahead by implementing strong cybersecurity measures and programs. Here’s how cybercrime will evolve in 2023, and what you can do to keep your business safe and secure in the year ahead. Surge in Attacks […]

Google takes Gmail security to the next level with client-side encryption

Google announced Friday that client-side encryption for Gmail is in beta for workspace and education customers. This is part of an effort to secure emails sent through her web version of the platform. This development comes at a time when online privacy and data security concerns are at an all-time high, and is a welcome […]

Cybersecurity is not a losing game – start now

Reality has a way of asserting itself, no matter what personal or business choices we make, good or bad. For example, very recently, the services of the city of Antwerp in Belgium were the victim of a very disruptive cyber attack. As usual, people cried out ‘bad play’ and suggested that appropriate cybersecurity measures should […]

What developers need to deal with common vulnerabilities

CERT-In

Today’s  threat landscape is constantly changing, and now more than ever, organizations and businesses across all industries have an urgent need to consistently produce and maintain secure software. While certain verticals – such as the financial sector – have been subject to regulatory and compliance requirements for some time, we are seeing increased attention towards […]