SaaS applications are crucial for enhancing productivity and operational efficiency within modern organizations. However, with every new application comes increased security risks related to app integrations and multiple users, which can become easy access points for cybercriminals. As a testament to these growing concerns, a report published by XM Cyber in May 2024 highlighted that identity and credential misconfigurations were
The landscape of cybersecurity became significantly more precarious in 2024 with the revelation of a new controller component associated with the BPFDoor backdoor. This discovery, primarily driven by analysis from Trend Micro, unveils a sophisticated tool utilized in cyberattacks targeting sectors such as telecommunications, finance, and retail. Nations particularly affected include South Korea, Hong Kong, Myanmar, Malaysia, and Egypt. BPFDoor,
The future of the Common Vulnerabilities and Exposures (CVE) program is in jeopardy due to unexpected funding challenges. Managed by the federal contractor Mitre, the CVE program has become a cornerstone of cybersecurity efforts worldwide. However, these funding hurdles threaten to disrupt the program’s vital operations, raising concerns within the global cybersecurity community. The prospect of service disruptions has sounded
The booking system for driving tests in the UK has plunged into chaos due to the disruptive activities of scalper bots, as highlighted by recent research conducted by DataDome. These automated programs have leveraged the release of driving test slots on the DVSA website, managing to complete bookings in under ten seconds. In stark contrast, human applicants typically need around
Blockchain gaming has carved its niche in the decentralized finance (DeFi) sector, and Aavegotchi, a game that combines DeFi mechanisms with virtual collectibles, has been at the forefront. Recently, a significant change has jolted the Aavegotchi community: the decision to migrate from the Polygon blockchain to Coinbase’s Base network, a move supported massively by the game’s users. With approximately 93%
In an era where cyber threats continue to grow in sophistication and frequency, the discovery of new backdoor malware variants, such as Brickstorm, underscores the critical need for organizations to fortify their cybersecurity measures. This particular strain has not only adapted but also expanded its reach across various platforms, making it a formidable challenge for cybersecurity professionals. Similar to its
Former Michigan offensive coordinator Matthew Weiss appeared in federal court Tuesday over charges of computer hacking and identity theft. Weiss is accused of accessing the personal information of hundreds of college athletes, including softball player McKenzie Johnson, over a span of nearly a decade. This shocking revelation has thrown many victims, including Johnson, into turmoil as they grapple with the
FNZ, a leading technology platform that services wealth and asset management businesses, has received a formidable boost of $500 million in equity funding from its long-term institutional investors. This significant influx of capital is set to enhance FNZ’s financial stability, support its long-term strategies, and drive continued innovation in the wealth management technology space. The investment is poised to improve
In a critical development affecting organizations worldwide, Dell Technologies has identified a severe security vulnerability in its PowerProtect Data Domain systems. The flaw, designated CVE-2025-29987, allows authenticated users to execute arbitrary commands with root privileges, presenting a significant threat to the infrastructure intended for data protection. This vulnerability’s existence in Data Domain Operating System (DD OS) versions prior to 8.3.0.15,
The prevalence of automated bot traffic on the internet has been a rising concern, with recent reports indicating that bots have started to dominate web activity, surpassing human interactions. Bot traffic accounted for 51% of the total web activity last year. Among this, bad bot traffic grew significantly, from 32% to 37%, posing clear cyber risks. This surge can be
Recent findings from Cobalt’s latest State of Pentesting Report have disclosed that a staggering 95% of companies perform pentesting on their Generative AI (GenAI) Large Language Model web applications, yet only 21% of identified vulnerabilities are resolved. This data reveals a significant disparity compared to the 48% remediation rate for all vulnerabilities with detected exploits and an even greater gap
The severity and frequency of state-sponsored cyberattacks have drastically surged, with a notable resurgence in activity from a Chinese state-backed hacking group. Tracked as UNC5174, this group has emerged from a period of dormancy to launch sophisticated cyberattack campaigns, prominently featuring a fileless remote access Trojan (RAT) known as VShell. Operating exclusively in memory, VShell leverages advanced evasion techniques and
