Blog
Cyber Threat Report
CASE STUDY

Organizations Are Knowingly Releasing Vulnerable Applications
92% of companies had experienced a breach in the prior year due to vulnerabilities of applications developed in-house. Read More

Vmware Pushes Admins To Uninstall Vulnerable, Deprecated Vsphere Plugin 
The vulnerabilities haven’t been and won’t be fixed. Instead, VMware is urging admins to remove the EAP plugin. Read More

Critical Shim Bug Impacts Every Linux Boot Loader Signed In The Past Decade 
There are currently 5 vulnerabilities in Shim that could allow a network attacker to bypass secure boot and take over a vulnerable Linux system. Read More

Biggest Data Leak in History Exposes 26B Records
Most of the exposed data, found on an open instance likely owned by a threat actor or data broker, was from the Chinese instant messaging app Tencent QQ. At the same time, Weibo, MySpace, Twitter, and Wattpad also had hundreds of millions of leaked credentials and other information. Read More

Massive Comcast Xfinity Data Breach Impacts 36 Million Customers
Comcast disclosed that hackers exploited a Citrix vulnerability between October 16 and October 19, 2023. Read More

Happy New Year and Thank You to Our 7,000+ Readers!

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day 
China-linked hackers continue to target Barracuda Email Security Gateway (ESG) appliances, with recent attacks involving the exploitation of a new zero-day vulnerability. Read More

FBI Explains How Companies Can Delay Sec Cyber Incident Disclosures
The FBI worked with the Department of Justice to create a guidance document for victims about how companies can “request disclosure delays for national security or public safety reasons.” Read More

Staples Confirms Cyberattack Behind Service Outages, Delivery Issues
Reported Staples internal operation problems including an inability to access Zendesk, VPN employee portals, print email, use phone lines, and more. Read More

82% of Attacks Show Cyber-Criminals Targeting Telemetry Data
Cyber-criminals have disabled or wiped out logs in 82% of incidents. The findings come from the latest report from Sophos, which dissected the intricacies of these attacks, shedding light on the speed with which ransomware assaults are now executed, often within hours. Read More

Report Links ChatGPT to 1265% Rise in Phishing Emails
Other key findings include an average of 31,000 daily phishing attacks, with 68% of these identified as text-based BEC. Read More