Hackers exploit Four-Faith router flaw to open reverse shells
Threat actors are exploiting a post-authentication remote command injection vulnerability in Four-Faith routers tracked as CVE-2024-12856 to open reverse shells back to the attackers. […]
US government wants to toughen up cybersecurity rules for healthcare organizations
New cybersecurity requirements may soon be introduced for US healthcare firms The new rules will aim to protect systems which hold sensitive information These will cost an estimated $9 billion in the first year A new set of requirements have been proposed by the US Department of Health and Human Services (HHS) for healthcare firms…
Prioritizing patching: A deep dive into frameworks and tools – Part 2: Alternative frameworks
In the second of a two-part series on tools and frameworks designed to help with remediation prioritization, we explore some alternatives to CVSS
How to Get the Most Out of Cyber Insurance
Cyber insurance should augment your cybersecurity strategy — not replace it.
What Security Lessons Did We Learn in 2024?
Proactive defenses, cross-sector collaboration, and resilience are key to combating increasingly sophisticated threats.
New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits
The United States Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients’ data against potential cyber attacks. The proposal, which seeks to modify the Health Insurance Portability and Accountability Act (HIPAA) of 1996, is part of a broader…
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
Every week, the digital world faces new challenges and changes. Hackers are always finding new ways to breach systems, while defenders work hard to keep our data safe. Whether it’s a hidden flaw in popular software or a clever new attack method, staying informed is key to protecting yourself and your organization. In this week’s…
When Good Extensions Go Bad: Takeaways from the Campaign Targeting Browser Extensions
News has been making headlines over the weekend of the extensive attack campaign targeting browser extensions and injecting them with malicious code to steal user credentials. Currently, over 25 extensions, with an install base of over two million users, have been found to be compromised, and customers are now working to figure out their exposure…
Deepfakes, Quantum Attacks Loom Over APAC in 2025
Organizations in the region should expect to see threat actors accelerate their use of AI tools and mount ongoing “harvest now, decrypt later” attacks for various malicious use cases.
16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft
A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft. The attack targeted publishers of browser extensions on the Chrome Web Store via a phishing campaign and used their access permissions to insert malicious code into…