BeyondTrust Pathfinder Delivers a One-Platform Approach to Identity-Centric Security
Post Content
-
-
Threat Actor ‘JavaGhost’ Targets AWS Environments in Phishing Scheme
Palo Alto Networks’ Unit 42 details how a threat actor is dodging detection with careful targeting and the use of Amazon’s native email tools.
-
Serbian Police Hack Protester’s Phone With Cellebrite Exploit Chain
Amnesty International said Serbian police used an exploit chain in tandem with legitimate mobile extraction dongle from vendor Cellebrite in an attack that brings up questions around ethical technology development.
-
Jamf Buys Identity Automation, Expands IAM Capabilities
The $215 million acquisition will allow Jamf offer dynamic identity capabilities and device access in a single platform.
-
North Korea’s Latest ‘IT Worker’ Scheme Seeks Nuclear Funds
Fraudulent IT workers are looking for engineering and developer positions in the US and Japan, and this time it’s not about espionage.
-
Pentagon, CISA Deny Change in US Cyber Policy on Russia
Media reports over the weekend suggested the Trump Administration ordered US Cyber Command and CISA to draw down cyber activities targeting Russia.
-
Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates
Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect (BC) module for maintaining persistent control over infected hosts, a sign that affiliates previously associated with Black Basta may have transitioned to CACTUS. “Once infiltrated, it grants attackers a wide range of remote control capabilities, allowing…
-
Why Cybersecurity Jobs Are Hard to Find Amid a Worker Shortage
The cybersecurity job market nowadays is facing an unusual paradox: Many roles seem open, but competition and hiring practices can make securing a position a real challenge.
-
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. The list of vulnerabilities is as follows – CVE-2025-22224 (CVSS score: 9.3) – A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious…
-
How New AI Agents Will Transform Credential Stuffing Attacks
Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using Agents, a new kind of AI agent that enables low-cost, low-effort automation of common web tasks — including those frequently performed by attackers. Stolen…