The Swiss National Cyber Security Centre (NCSC) has warned of a QR code phishing (quishing) campaign that’s targeting people in Switzerland via physical letters sent through the mail, Malwarebytes reports. The letters purport to come from the Swiss Federal Office of Meteorology and Climatology (MeteoSwiss), asking recipients to scan a QR code to install a new app for severe weather warnings.

As we continue to embrace remote work, it’s crucial to keep our security practices sharp to protect both company and personal data. With increasing cyber threats, adhering to security best practices helps us safeguard our information and maintain our productivity. Here’s a quick guide to help you stay vigilant and secure while working remotely.

While most security teams now have systematic processes in place for identifying vulnerabilities and responding to targeted threats, large-scale security incidents that affect many organizations globally are now an increasingly common occurrence. The Crowdstrike outage in July, while not specifically a security incident, demonstrated how targeted breaches or failures in our security infrastructure can have a ripple effect across entire industries and disrupt critical aspects of everyday life.

On November 19, 2024, Arctic Wolf began observing active exploitation of the recently-disclosed CVE-2024-0012 and CVE-2024-9474 vulnerabilities impacting Palo Alto Networks PAN-OS software. When chained together, these vulnerabilities allow an unauthenticated threat actor with network access to the management web interface to gain administrator privileges.

You can remove your personal information from the internet by requesting that Google and people search sites remove it, checking if your credit card offers any removal services, deleting unused accounts and adjusting your privacy settings. Removing your Personally Identifiable Information (PII) from the internet can prevent cybercriminals from stealing your identity, committing fraud and targeting you with spam.

Are you a service organization seeking an audit to gain customers’ trust? Or maybe you are looking to attract prospective clients by proving how serious you are with customers’ data. If that is the case, you have come to the right place.

On November 18, 2024, Palo Alto Networks (PAN) fully disclosed two serious vulnerabilities in PAN-OS software that had previously been partially disclosed on November 8th. The first vulnerability, CVE-2024-0012, is a critical severity (9.3) authentication bypass in the PAN-OS management web interface. It allows unauthenticated attackers with network access to gain administrator privileges by bypassing the authentication check entirely, essentially telling the server not to check for authentication at all.

2024 was a thrilling year for Graylog Capture The Flag (CTF) events! Across major cybersecurity conferences, Graylog invited participants to test their skills in a range of challenging scenarios designed to simulate real-world cyber threats. From North America to Europe and beyond, we saw cybersecurity professionals and enthusiasts go head-to-head in Graylog CTFs, flexing their skills, deepening their knowledge, and having fun along the way.

As the holiday shopping season kicks into high gear, cybercriminals are gearing up too. This year, alongside the usual suspects, we're seeing some crafty new scams, so let’s take a look at some of the ones you should be most careful of during Black Friday, Cyber Monday and Giving Tuesday. AI-Generated Fake Reviews AI has allowed scammers to flood product pages with well-written and convincing fake reviews of products.

Managing sensitive data while meeting compliance and security standards is an ever-growing challenge for organizations. Today, secure data management is a top priority, especially in industries like healthcare, finance, and fintech. This focus is expected to intensify in the coming years. To address these needs, privacy vault solutions like Databunker, Skyflow, and Piiano have emerged. Each offers unique capabilities tailored to specific use cases.