[Virtual Event]: Cybersecurity’s Most Promising New and Emerging Technologies
Post Content
Post Content
Related
U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Tuesday sanctioned a member of a North Korean hacking group called Andariel for their role in the infamous remote information technology (IT) worker scheme. The Treasury said Song Kum Hyok, a 38-year-old North Korean national with an address in the Chinese province…
Cryptographic Agility’s Legislative Possibilities & Business Benefits
Quantum computing will bring new security risks. Both professionals and legislators need to use this time to prepare.
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for Business accounts in a new campaign, according to a report from Push Security. Business accounts associated with social media platforms are a lucrative target, as they can be weaponized by bad actors for malvertising and distributing malware. “TikTok has been historically…
15 Years of Zero Trust: Why It Matters More Than Ever
With the emergence of AI-driven attacks and quantum computing, and the explosion of hyperconnected devices, zero trust remains a core strategy for security operations.
Oracle WebLogic Server Vulnerabilities
What is the attack?A threat actor known as Water Sigbin (aka the 8220 Gang) is seen exploiting two vulnerabilities in the Oracle WebLogic server: CVE-2017-3506, which allows remote OS command execution, and CVE-2023-21839 is an insecure deserialization vulnerability. CISA recently added the Oracle WebLogic flaw tracked as CVE-2017-3506 to its known exploited vulnerabilities catalog on…
Npm Package Hides Malware in Steganographic QR Codes
The poisoned package, purporting to be a JavaScript utility, threatens the software supply chain with a highly obsfuscated credential stealer.