Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Critical Unauthenticated Remote Command Execution Vulnerability in Palo Alto Networks Firewalls Actively Exploited

On November 14, 2024, Palo Alto Networks (PAN) revealed that a critical unauthenticated remote command execution vulnerability is being actively exploited against internet-exposed firewall management interfaces. According to their security advisory, Prisma Access and Cloud NGFW are not impacted by this issue. A CVE has not yet been assigned to the vulnerability.

The Middle East's Rise in Economic Growth: A Prime Target for Cybersecurity Threats

Obrela’s Nick Loumakis, Regional Managing Director MENA, describes the complex cyber attack landscape across the Middle East As the Middle East undergoes rapid economic growth and digital transformation across key sectors like finance, energy, and government, the region faces a surge in cybersecurity threats. The integration of cloud services, IoT devices, and digital financial systems has increased vulnerabilities, making it a focal point for sophisticated cyberattacks.

Venmo vs PayPal: Which Is More Secure?

PayPal is more secure than Venmo because it has advanced fraud detection, supports passkeys, features strong protection programs for buyers and sellers and has a better track record for overall security. Both Venmo and PayPal are mobile payment apps that you can use to send and receive money, but they tend to be used in different ways. Venmo allows you to request money from people you know and from strangers, or you can split bills when going out with friends.

Cast a Wider Net: UpGuard Now Scans 5x More Sources

At UpGuard, we know that in cybersecurity, timing is everything. That’s why we’ve enhanced our news and incident scanning with 500% more coverage, bringing you faster insights from high-impact sources. Now, SOC analysts and security teams can catch incidents affecting their organization or supply chain sooner, allowing for quicker, proactive responses to mitigate threats before they escalate.

Emerging Accelerated Mobile Page (AMP) obfuscation technique used in over 7% of global phishing attacks, exploiting TikTok, Google, and Instagram

Egress’ Threat Intelligence Team has identified that over 7% of global phishing attacks now use an emerging obfuscation technique that employs Accelerated Mobile Page (AMP) links to mask malicious URLs. Often embedded in phishing emails that impersonate well-known brands, threat actors aim to undermine the 'hover' technique taught in most security awareness training programs.

Balancing Security: When to Leverage Open-Source Tools vs. Commercial Tools

When deciding what approach to use for security tooling, it seems like there are two choices. Like everything in security, there is more to unpack in reality. In this article I want to explore when open-source security tools should be used, when commercial tools are more effective, and if we can trust tools built from an open-source core.

From Theory to Practice: Webinar on Access Management Essentials

Implementing privileged access management (PAM) is crucial in safeguarding your organization’s critical systems and sensitive data against unauthorized access and compromise. Join us for an in-depth look at effective PAM strategies with our cybersecurity experts Jonathan Care and Aleksandr Dymov. This webinar will guide you through essential PAM practices for securing critical assets and minimizing security risks across your organization.

Phishing Attacks Exploit Microsoft Visio Files and SharePoint

Threat actors are exploiting Microsoft Visio files and SharePoint to launch two-step phishing attacks, according to researchers at Perception Point. “Perception Point’s security researchers have observed a dramatic increase in two-step phishing attacks leveraging.vsdx files – a file extension rarely used in phishing campaigns until now,” the researchers explain.

Half of all Ransomware Attacks This Year Targeted Small Businesses

New data shows just how crippling ransomware has been on small businesses that have fallen victim to an attack and needed to pay the ransom. Logic would normally dictate that ransomware gangs are going to go after the “big fishes” – the larger organizations with deep pockets. But with the advent of the “as a service” model of ransomware, threat actors have found a niche, with many of them focusing on businesses with 1 to 50 employees.