Email Bombing, ‘Vishing’ Tactics Abound in Microsoft 365 Attacks

Blog

By January 21, 2025

Sophos noted more than 15 attacks have been reported during the past three months.

Blog

Tenable to Acquire AI Security Startup Apex

Apex will enhance Tenable’s AI Aware tool by mitigating the threats of AI applications and tools not governed by organizations, while enforcing existing security policies.

Read More Tenable to Acquire AI Security Startup Apex
Blog

Cutting-Edge ClickFix Tactics Snowball, Pushing Phishing Forward

Several widespread ClickFix campaigns are underway, bent on delivering malware to business targets, and they represent a new level of phishing sophistication that defenders need to be prepared for, researchers warn.

Read More Cutting-Edge ClickFix Tactics Snowball, Pushing Phishing Forward
Blog

Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks

An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer science professors in Israel. “In some of those campaigns, Israeli technology and cyber security professionals were approached by attackers who posed as fictitious assistants to

Read More Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks
Blog

Ivanti Connect Buffer Overflow Vulnerability

What is the Vulnerability?CVE-2025-22457 is identified as a buffer overflow vulnerability affecting Ivanti Connect Secure, Policy Secure and ZTA Gateways. If successfully exploited, can result in remote code execution. This exploitation poses significant risks, potentially allowing unauthorized remote access to systems.The Google Threat Intelligence Group (GTIG) has linked the exploitation of CVE-2025-22457 and the subsequent…

Read More Ivanti Connect Buffer Overflow Vulnerability
Blog

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the China-linked Salt Typhoon actors to breach major global telecommunications providers as part of a cyber espionage campaign. The attackers exploited a critical Cisco IOS XE software (CVE-2023-20198, CVSS score: 10.0)…

Read More China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom
Blog

FTC Orders GoDaddy to Fix Inadequate Security Practices

The FTC claims that the Web hosting company’s security failures led to several major breaches in the past few years.

Read More FTC Orders GoDaddy to Fix Inadequate Security Practices

Related