In a major breakthrough, Google’s AI-powered research tool, Big Sleep, discovered a vulnerability in SQLite, one of the most widely used database engines in the world. The Google Project Zero and Google DeepMind teams recently shared this milestone in an…
Category: Information Security Buzz
Attackers Exploit DocuSign API to Send Fraudulent Invoices, Bypassing Security Filters
Attackers are leveraging DocuSign’s API to distribute authentic-looking invoices at scale, exploiting legitimate business channels to bypass traditional security measures. Using paid DocuSign accounts and customized templates, malefactors mimic reputable companies, such as Norton, to send convincing invoices through the…
500,000 Affected in Columbus Data Breach, Followed by Lawsuit Against Security Researcher
In July 2024, the City of Columbus, Ohio, experienced a ransomware attack that exposed the personal information of approximately 500,000 residents. While officials quickly took systems offline to contain the incident and reported halting the attack before ransomware encryption could…
AI & API Security
Artificial Intelligence (AI) and Application Programming Interfaces (APIs) are integral to technological advancement in today’s digital age. As gateways allowing different software applications to communicate, APIs are crucial in AI’s evolution, powering everything from cloud computing to machine learning models.…
Proactive Ways To Bridge The Cybersecurity Talent Gap
The need for robust cybersecurity measures has never been greater in a time when cyber threats are evolving rapidly, and breaches have become an inevitability for businesses in every sector. Managing this complex threat landscape requires advanced solutions and skilled experts who…
Advanced Variant of FakeCall Malware Targets Mobile Users with Sophisticated Vishing Attacks
Mobile security company Zimperium’s zLabs team has uncovered an advanced variant of the FakeCall malware that employs “Vishing” (voice phishing) to deceive mobile users into sharing sensitive information, such as login credentials and banking details. This sophisticated malware campaign highlights…
Microsoft Warns of Major Credential Theft by Chinese Hackers Via Covert Network Attacks
Since August last year, Microsoft has identified a surge in intrusion activity with attackers using sophisticated password spray techniques to steal credentials from multiple customers. The company has linked this wave of attacks to a network of compromised devices known…
The Invisible Shield: Beyond Wrap-around Cyber Protection
Cyber threats are evolving at an unprecedented pace. AI-driven malware, sophisticated phishing schemes, and adaptive attack methods are outmaneuvering standard security measures. Traditional defenses are no longer sufficient. Businesses need an invisible shield that offers comprehensive, proactive protection to stay…
Redline Stealer Dominates: VIPRE’s Q3 Report Highlights Sophisticated BEC Tactics and Evolving Malware Trends
VIPRE Security Group’s Q3 2024 Email Threat Trends Report reveals the increasing sophistication of email-based threats, particularly business email compromise (BEC) and malspam campaigns, which have intensified across industries. Analyzing 1.8 billion emails globally, of which 208 million were identified…
Russian Actor Midnight Blizzard Conducts Massive Spear-Phishing Campaign Using RDP Files
Microsoft Threat Intelligence has issued an alert following the detection of a sophisticated spear-phishing campaign orchestrated by the Russian threat actor known as Midnight Blizzard. Active since 22 October this year, this operation has distributed spear-phishing emails aimed at government…