Trend Micro and Intel Innovate to Weed Out Covert Threats

Blog

By January 8, 2025

Post Content

Blog

From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation

Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer (MFT) that’s assessed to have come under active exploitation since at least September 11, 2025. The company said it began its investigation on September 11 following a “potential vulnerability” reported by a customer, uncovering “potentially…

Read More From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation
Blog

Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks

In SaaS security conversations, “misconfiguration” and “vulnerability” are often used interchangeably. But they’re not the same thing. And misunderstanding that distinction can quietly create real exposure. This confusion isn’t just semantics. It reflects a deeper misunderstanding of the shared responsibility model, particularly in SaaS environments where the line between vendor and customer

Read More Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks
Blog

38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases

Cybersecurity researchers have exposed what they say is an “industrial-scale, global cryptocurrency phishing operation” engineered to steal digital assets from cryptocurrency wallets for several years. The campaign has been codenamed FreeDrain by threat intelligence firms SentinelOne and Validin. “FreeDrain uses SEO manipulation, free-tier web services (like gitbook.io, webflow.io, and github.io

Read More 38,000+ FreeDrain Subdomains Found Exploiting SEO to Steal Crypto Wallet Seed Phrases
Blog

Cybersecurity Spending Slows & Security Teams Shrink

Security budgets are lowest in healthcare, professional and business services, retail, and hospitality, but budget growth remained above 5% in financial services, insurance, and tech.

Read More Cybersecurity Spending Slows & Security Teams Shrink
Blog

How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?

Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with BYOD. Implementing secure guest Wi-Fi infrastructure has become essential for authenticating access,

Read More How to Bring Zero Trust to Wi-Fi Security with a Cloud-based Captive Portal?
Blog

Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code

Three critical security flaws have been disclosed in an open-source utility called Picklescan that could allow malicious actors to execute arbitrary code by loading untrusted PyTorch models, effectively bypassing the tool’s protections. Picklescan, developed and maintained by Matthieu Maitre (@mmaitre314), is a security scanner that’s designed to parse Python pickle files and detect suspicious

Read More Picklescan Bugs Allow Malicious PyTorch Models to Evade Scans and Execute Code

Related