Blog - inionline.net

Blog

CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability impacting PaperCutNG/MF print management software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-2533 (CVSS score: 8.4), is a cross-site request forgery (CSRF) bug that could

Read More CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation
Blog

Root Evidence Bets on New Concept for Vulnerability Patch Management

The number of concerning vulnerabilities may be much smaller than organizations think, and this cybersecurity startup aims to narrow down the list to the most critical ones.

Read More Root Evidence Bets on New Concept for Vulnerability Patch Management
Blog

Insurance Giant Allianz Life Grapples With Breach Affecting ‘Majority’ of Customers

The company has yet to report an exact number of how many individuals were impacted by the breach and plans to start the notification process around Aug. 1.

Read More Insurance Giant Allianz Life Grapples With Breach Affecting ‘Majority’ of Customers
Blog

Chaos Ransomware Rises as BlackSuit Gang Falls

Researchers detailed a newer double-extortion ransomware group made up of former members of BlackSuit, which was recently disrupted by international law enforcement.

Read More Chaos Ransomware Rises as BlackSuit Gang Falls
Blog

Ghost Students Drain Money, Resources From Educational Sector

The education sector is haunted by a significant fraud problem where fake students impersonate celebrities and employ other identity techniques to steal resources and money from legitimate students.

Read More Ghost Students Drain Money, Resources From Educational Sector
Blog

New Risk Index Helps Organizations Tackle Cloud Security Chaos

Enterprises can use the IaC Risk Index to identify vulnerable cloud resources in their infrastructure-as-code environment which are not managed or governed.

Read More New Risk Index Helps Organizations Tackle Cloud Security Chaos
Blog

Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads

In what’s the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal’s GitHub organization account and leveraged that access to publish 10 malicious packages to the npm registry. The packages contained code to exfiltrate GitHub authentication tokens and destroy victim systems, Socket said in a report published last week….

Read More Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
Blog

Advancing cybersecurity for K-12 and libraries: Strategic considerations for the FCC Cybersecurity Pilot Program

If you are preparing an RFP or Form 470 submission under the Cybersecurity Pilot Program, we encourage you to connect with us.

Read More Advancing cybersecurity for K-12 and libraries: Strategic considerations for the FCC Cybersecurity Pilot Program
Blog

Sophisticated Shuyal Stealer Targets 19 Browsers, Demonstrates Advanced Evasion

A new infostealing malware making the rounds can exfiltrate credentials and other system data even from browsing software considered more privacy-focused than mainstream options.

Read More Sophisticated Shuyal Stealer Targets 19 Browsers, Demonstrates Advanced Evasion
Blog

How to Spot Malicious AI Agents Before They Strike

The rise of agentic AI means the battle of the machines is just beginning. To win, we’ll need our own agents — human and machine — working together.

Read More How to Spot Malicious AI Agents Before They Strike