Karl Triebes Joins Ivanti as Chief Product Officer

Blog

By January 16, 2025

Post Content

Blog

Shadow Program Gives AWS Exec New Security Lens

Sara Duffer highlights the top lessons she brought back to her security role following three years in Amazon’s shadow program.

Read More Shadow Program Gives AWS Exec New Security Lens
Blog

Nvidia Patches Critical RCE Vulnerability Chain

The flaws in the company’s Triton Inference Server enables model theft, data leaks, and response manipulation.

Read More Nvidia Patches Critical RCE Vulnerability Chain
Blog

Earth Lamia APT Attack

The hacking group known as Earth Lamia has been targeting various sectors including finance, government, IT, logistics, retail, and education, shifting focus depending on the time period. The group is highly active and primarily exploits known vulnerabilities in public-facing systems and web applications.

Read More Earth Lamia APT Attack
Blog

Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails

Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social engineering technique called ClickFix to deliver credential-stealing malware. The activity, the tech giant said, started in December 2024 and operates with the end goal of conducting financial fraud and theft….

Read More Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails
Blog

CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing

Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access trojans (RATs). The activity employs Cloudflare-themed ClickFix phishing attacks and fake GitHub repositories opened under the names of legitimate applications, Swiss cybersecurity company PRODAFT said in

Read More CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing
Blog

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators’ infrastructure. “The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injection and data theft capabilities to target more than 700 banking, shopping, and cryptocurrency applications,”

Read More ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

Related