Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Phishing Attacks Are Now Leveraging Google Ads to Hijack Employee Payments

Researchers at Silent Push warn that a phishing campaign is using malicious Google Ads to conduct payroll redirect scams. The attackers are buying search ads with brand keywords to boost their phishing pages to the top of the search results. “We have identified hundreds of domains primarily focused on Workday users and high-profile organizations, including the California Employment Development Department (EDD), Kaiser Permanente, Macy’s, New York Life, and Roche,” the researchers write.

Arctic Wolf Labs Observes Threat Campaign Targeting Cleo MFT Products - Remediation Guidance

Update: Dec 11, 2024. Find the latest information in our follow-up security bulletin. On December 7, 2024, Arctic Wolf began observing a novel campaign exploiting Cleo Managed File Transfer (MFT) products across several customer environments. Initial indications of malicious activity in this campaign were identified as early as October 19, with a sharp increase in early December.

181 Key Cybersecurity Statistics: Vulnerabilities, Exploits, and Their Impact for 2025

As we enter 2025, the cybersecurity statistics from 2024 and previous years reveal a critical landscape of evolving threats, from a surge in vulnerabilities to increasingly sophisticated cyber-attacks. This blog delves into the latest cybersecurity data, exploring trends like zero-day exploits and unpatched vulnerabilities, to help you craft a proactive strategy for 2025 cybersecurity challenges.

Preventing WAF Bypass: How AppTrana Protects Origin Servers with Resilient Architecture

A recent discovery by Zafran.io reveals critical vulnerabilities in web application firewalls (WAFs) from providers like Akamai and Cloudflare. Misconfigured origin validation allows attackers to bypass WAF protections and directly access backend servers, creating opportunities for data breaches, DDoS attacks, and more. While most WAF vendors offer IP whitelisting as a solution, implementing it presents significant challenges such as.

How Governments Can Mitigate AI-Powered Cyber Threats

Cybersecurity leaders across all levels of government are growing increasingly alarmed by the rise of cyber attacks fueled by Artificial Intelligence (AI). Cybercriminals are now incorporating machine learning and automation into their strategies, significantly boosting the scale, efficiency and sophistication of their attacks. According to a recent survey of over 800 IT leaders, a staggering 95% believe that cyber threats have become more advanced than ever before.

ByteCodeLLM - Privacy in the LLM Era: Byte Code to Source Code

ByteCodeLLM is a new open-source tool that harnesses the power of Local Large Language Models (LLMs) to decompile Python executables. Furthermore, and importantly, it prioritizes data privacy by using a local LLM that you can run under any environment, like old laptops and VMs. ByteCodeLLM is the first decompile program that manages to decompile the latest versions of Python 3.13 locally.

DR Guide for Humans: Keys to Understanding MDR, EDR, NDR, XDR (PART 1)

Over the past decade, Detection and Response (DR) solutions have advanced substantially to address the constantly evolving sophistication of cyberattacks. Malicious actors have perfected techniques to evade traditional defenses, making detection and response solutions key requisites in a robust cybersecurity strategy.

Quick Learn: Four Capabilities of PAM

In this edition, Rom discusses four essential capabilities to consider when using a solution to manage cloud privileges and access to resources. He emphasizes the importance of visibility across all cloud access, planning for scale upfront, speaking the language of both security and DevOps, and ensuring easy onboarding and fast adoption. These four points are a great starting point for making the right PAM buying decision.

The Economics of XDR: Reducing Costs and Enhancing Efficiency

As cyber threats get trickier—with ransomware attacks happening every 11 seconds, and each attack costing between $350,000 and $1.4 million on average—businesses want to beef up their defenses without spending too much. More companies are using Extended Detection and Response (XDR) to simplify their security work and cut costs. XDR provides an answer that can help businesses do more with less, tackling common problems like too many tools, complex security setups, and high running costs.

How YARA rules can complement NDR for malware detection

The Verizon 2024 Data Breach Investigations Report found that system intrusion is the leading attack pattern for the third consecutive year, accounting for 36% of breaches. System intrusion largely consists of a threat actor using hacking techniques and malware to infiltrate the victim organization. Following a successful intrusion, the attacker continues on a multi-stage process: The longer an attacker remains undetected, the greater their opportunity to find a target and extract data.