Five fundamentals for a cyber-resilient future

Blog

Byadmblake July 23, 2025

How to stay adaptive and reduce risk in an evolving threat landscape.

Blog

N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto

The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram. “Under the guise of freelance opportunities for software development work, UNC4899 leveraged social engineering techniques to successfully convince the targeted employees to execute malicious Docker containers in their

Read More N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto
Blog

PAN-OS Firewall Denial of Service (DoS) Vulnerability

What is the Vulnerability?Attackers are exploiting, a Denial-of-Service vulnerability (CVE-2024-3393) in the DNS Security feature of Palo Alto Networks PAN-OS. This vulnerability allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall, causing it to crash and reboot, potentially leading to Denial of Service (DoS).CISA…

Read More PAN-OS Firewall Denial of Service (DoS) Vulnerability
Blog

GPS Spoofing Attacks Spike in Middle East, Southeast Asia

An Indian disaster-relief flight delivering aid is the latest air-traffic incident, as attacks increase in the Middle East and Myanmar and along the India-Pakistan border.

Read More GPS Spoofing Attacks Spike in Middle East, Southeast Asia
Blog

Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches

It wasn’t ransomware headlines or zero-day exploits that stood out most in this year’s Verizon 2025 Data Breach Investigations Report (DBIR) — it was what fueled them. Quietly, yet consistently, two underlying factors played a role in some of the worst breaches: third-party exposure and machine credential abuse. According to the 2025 DBIR, third-party involvement…

Read More Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches
Blog

VicOne and Zero Day Initiative (ZDI) to Lead Pwn2Own Automotive

Post Content

Read More VicOne and Zero Day Initiative (ZDI) to Lead Pwn2Own Automotive
Blog

Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners

A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum severity bug that could result in

Read More Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners

Related