Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks
ConnectWise has disclosed that it's planning to rotate the digital code signing certificates used to sign ScreenConnect, ConnectWise Automate, and ConnectWise remote monitoring and management (RMM) executables due to security concerns. The company said it's doing so "due to concerns raised by a third-party researcher about how ScreenConnect handled certain configuration data in earlier versions.
Published on: June 12, 2025 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Over 80,000 Microsoft Entra ID Accounts Targeted Using Open-Source TeamFiltration Tool
Cybersecurity researchers have uncovered a new account takeover (ATO) campaign that leverages an open-source penetration testing framework called TeamFiltration to breach Microsoft Entra ID (formerly Azure Active Directory) user accounts. The activity, codenamed UNK_SneakyStrike by Proofpoint, has targeted over 80,000 user accounts across hundreds of organizations' cloud tenants since a surge in
Published on: June 12, 2025 | Source:Digital rights groups sound alarm on Stop CSAM ActΒ
The organizations say a reintroduced version of the bill would βbreakβ encryption for most Americans and make it impossible for end-to-end encrypted service providers to avoid lawsuits. The post Digital rights groups sound alarm on Stop CSAM Act appeared first on CyberScoop.
Published on: June 12, 2025 | Source:Infostealer Ring Bust-up Takes Down 20,000 Malicious IPs
Interpol's Operation Secure arrested more than 30 suspects across Vietnam, Sri Lanka, and Nauru, and seized 117 command-and-control servers allegedly used to run widespread phishing, business email compromise, and other cyber scams.
Published on: June 11, 2025 | Source:ConnectWise to Rotate Code-Signing Certificates
The move is unrelated to a recent nation-state attack the vendor endured but stems from a report by a third-party researcher.
Published on: June 11, 2025 | Source:Agentic AI Takes Over Gartner's SRM Summit
Agentic AI was everywhere at Gartner's Security & Risk Management Summit in Washington, DC, this year, as the AI security product engine chugs ahead at full speed.
Published on: June 11, 2025 | Source:Global law enforcement action in Asia nets large infrastructure seizure, 32 arrests
Operation Secure targeted malicious IPs, domains and servers used for infostealer operations that claimed more than 216,000 victims. The post Global law enforcement action in Asia nets large infrastructure seizure, 32 arrests appeared first on CyberScoop.
Published on: June 11, 2025 | Source:Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks
Former members tied to the Black Basta ransomware operation have been observed sticking to their tried-and-tested approach of email bombing and Microsoft Teams phishing to establish persistent access to target networks. "Recently, attackers have introduced Python script execution alongside these techniques, using cURL requests to fetch and deploy malicious payloads," ReliaQuest said in a report
Published on: June 11, 2025 | Source:Dems want watchdog study of two troubled federally-funded vulnerability tracking initiatives
The CVE program publishes standardized information about known cyber vulnerabilities, while the NVD is a storehouse for vulnerability management data. The post Dems want watchdog study of two troubled federally-funded vulnerability tracking initiatives appeared first on CyberScoop.
Published on: June 11, 2025 | Source:Google Bug Allowed Brute-Forcing of Any User Phone Number
The weakness in Google's password-recovery page, discovered by a researcher called Brutecat, exposed private user contact information to attackers, opening the door to phishing, SIM-swapping, and other attacks.
Published on: June 11, 2025 | Source:Securonix Acquires Threat Intelligence Firm ThreatQuotient
The deal will combine Securonix's security information and event management (SIEM) platform with ThreatQuotient's threat detection and incident response (TDIR) offering to build an all-in-one security operations stack.
Published on: June 11, 2025 | Source:Maze Banks $25M to Tackle Cloud Security with AI Agents
Maze and its investors are betting on finding profits in software that uses AI-powered agents to automate critical parts of the process. The post Maze Banks $25M to Tackle Cloud Security with AI Agents appeared first on SecurityWeek.
Published on: June 11, 2025 | Source:Flaw in Industrial Computer Makerβs UEFI Apps Enables Secure Boot Bypass on Many Devices
Vulnerable DTResearch UEFI firmware applications can be used in BYOVD attacks to bypass Secure Boot. The post Flaw in Industrial Computer Makerβs UEFI Apps Enables Secure Boot Bypass on Many Devices appeared first on SecurityWeek.
Published on: June 11, 2025 | Source:Security Pitfalls & Solutions of Multiregion Cloud Architectures
Cloud resilience is no longer just about surviving service interruptions; it's about operating securely under any circumstances, across any geographic area.
Published on: June 11, 2025 | Source:295 Malicious IPs Launch Coordinated Brute-Force Attacks on Apache Tomcat Manager
Threat intelligence firm GreyNoise has warned of a "coordinated brute-force activity" targeting Apache Tomcat Manager interfaces. The company said it observed a surge in brute-force and login attempts on June 5, 2025, an indication that they could be deliberate efforts to "identify and access exposed Tomcat services at scale." To that end, 295 unique IP addresses have been found to be engaged
Published on: June 11, 2025 | Source:Webinar Today: Rethinking Endpoint Hardening for Todayβs Attack Landscape
Learn how attackers hide in plain sightβand what you can do to stop them without slowing down your business. The post Webinar Today: Rethinking Endpoint Hardening for Todayβs Attack Landscape appeared first on SecurityWeek.
Published on: June 11, 2025 | Source:Mirai Botnets Exploit Flaw in Wazuh Security Platform
The two campaigns are good examples of the ever-shrinking time-to-exploit timelines that botnet operators have adopted for newly published CVEs.
Published on: June 11, 2025 | Source:Fortinet, Ivanti Patch High-Severity Vulnerabilities
Patches released by Fortinet and Ivanti resolve over a dozen vulnerabilities, including high-severity flaws leading to code execution, credential leaks. The post Fortinet, Ivanti Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Published on: June 11, 2025 | Source:40,000 Security Cameras Exposed to Remote Hacking
Bitsight has identified over 40,000 security cameras that can be easily hacked for spying or other types of malicious activity. The post 40,000 Security Cameras Exposed to Remote Hacking appeared first on SecurityWeek.
Published on: June 11, 2025 | Source:Recently Disrupted DanaBot Leaked Valuable Data for 3 Years
Investigators leveraged a vulnerability dubbed DanaBleed to obtain insights into the internal operations of the DanaBot botnet. The post Recently Disrupted DanaBot Leaked Valuable Data for 3 Years appeared first on SecurityWeek.
Published on: June 11, 2025 | Source:Cyera Raises $540 Million to Expand AI-Powered Data Security Platform
Series E funding round brings Cyeraβs total funding to over $1.3 billion and values the data security firm at $6 billion. The post Cyera Raises $540 Million to Expand AI-Powered Data Security Platform appeared first on SecurityWeek.
Published on: June 11, 2025 | Source:INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure
INTERPOL on Wednesday announced the dismantling of more than 20,000 malicious IP addresses or domains that have been linked to 69 information-stealing malware variants. The joint action, codenamed Operation Secure, took place between January and April 2025, and involved law enforcement agencies from 26 countries to identify servers, map physical networks, and execute targeted takedowns. "These
Published on: June 11, 2025 | Source:Why DNS Security Is Your First Defense Against Cyber Attacks?
In todayβs cybersecurity landscape, much of the focus is placed on firewalls, antivirus software, and endpoint detection. While these tools are essential, one critical layer often goes overlooked: the Domain Name System (DNS). As the starting point of nearly every online interaction, DNS is not only foundational - itβs increasingly a target. When left unsecured, it becomes a single point of
Published on: June 11, 2025 | Source:Horizon3.ai Raises $100 Million in Series D Funding
Horizon3.ai has raised $100 million to expand product capabilities, and to scale its partner ecosystem and federal market presence. The post Horizon3.ai Raises $100 Million in Series D Funding appeared first on SecurityWeek.
Published on: June 11, 2025 | Source:Rethinking Success in Security: Why Climbing the Corporate Ladder Isnβt Always the Goal
Many security professionals feel pressured to pursue leadership roles, but success can also mean going deeper, not just higher. The post Rethinking Success in Security: Why Climbing the Corporate Ladder Isnβt Always the Goal appeared first on SecurityWeek.
Published on: June 11, 2025 | Source:SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords
Two security vulnerabilities have been disclosed in SinoTrack GPS devices that could be exploited to control certain remote functions on connected vehicles and even track their locations. "Successful exploitation of these vulnerabilities could allow an attacker to access device profiles without authorization through the common web management interface," the U.S. Cybersecurity and Infrastructure
Published on: June 11, 2025 | Source:How to Build a Lean Security Model: 5 Lessons from River Island
In todayβs security landscape, budgets are tight, attack surfaces are sprawling, and new threats emerge daily. Maintaining a strong security posture under these circumstances without a large team or budget can be a real challenge. Yet lean security models are not only possible - they can be highly effective. River Island, one of the UKβs leading fashion retailers, offers a powerful
Published on: June 11, 2025 | Source:Microsoft Patches 67 Vulnerabilities Including WEBDAV Zero-Day Exploited in the Wild
Microsoft has released patches to fix 67 security flaws, including one zero-day bug in Web Distributed Authoring and Versioning (WebDAV) that it said has come under active exploitation in the wild. Of the 67 vulnerabilities, 11 are rated Critical and 56 are rated Important in severity. This includes 26 remote code execution flaws, 17 information disclosure flaws, and 14 privilege escalation
Published on: June 11, 2025 | Source:India's Security Leaders Struggle to Keep Up With Threats
Business and security executives in the South Asian nation worry over AI, cybersecurity, new digital privacy regulations, and a talent gap that hobbles innovation.
Published on: June 11, 2025 | Source:Patch Tuesday, June 2025 Edition
Microsoft today released security updates to fix at least 67 vulnerabilities in its Windows operating systems and software. Redmond warns that one of the flaws is already under active attack, and that software blueprints showing how to exploit a pervasive Windows bug patched this month are now public.
Published on: June 11, 2025 | Source:Stealth Falcon APT Exploits Microsoft RCE Zero-Day in Mideast
The bug is one of 66 disclosed and patched today by Microsoft as part of its June 2025 Patch Tuesday set of security vulnerability fixes.
Published on: June 10, 2025 | Source:Bridging the Secure Access Gap in Third-Party, Unmanaged Devices
ESG research suggests security teams are using enterprise browsers to complement existing security tools and address network access issues.
Published on: June 10, 2025 | Source:House Homeland Chairman Mark Greenβs departure could leave congressional cyber agenda in limbo
Green, R-Tenn., has championed legislation on the cyber workforce, renewal of a cyber threat information sharing bill and more. The post House Homeland Chairman Mark Greenβs departure could leave congressional cyber agenda in limbo appeared first on CyberScoop.
Published on: June 10, 2025 | Source:PoC Code Escalates Roundcube Vuln Threat
The flaw allows an authenticated attacker to gain complete control over a Roundcube webmail server.
Published on: June 10, 2025 | Source:United Natural Foods fulfilling orders on βlimited basisβ in wake of cyberattack
CEO Sandy Douglas said the food distributor is helping some customers maintain inventory with assistance from other wholesalers. The post United Natural Foods fulfilling orders on βlimited basisβ in wake of cyberattack appeared first on CyberScoop.
Published on: June 10, 2025 | Source: