Cybersecurity News & Threat Intelligence

Stay updated with the latest in cybersecurity threats, data privacy, and digital marketing trends. CyberPulse delivers breaking stories, expert analysis, and insights for today’s digital professionals

Can AI Mitigate Insider Threats? Exploring the Existential Risks

As global powers incorporate artificial intelligence into their militaries, the United States Department of Defense (DoD) must enhance its human risk management strategies. The DoD's FY2024 budget allocates $266.2 million for integrating emerging technologies to combat insider threats, focusing on AI-powered solutions. Organizations like the Defense Innovation Unit (DIU) are facilitating partnerships between Silicon Valley startups and the Pentagon, allowing for the rapid deployment of commercial technology for military applications. Start-ups are recognized as critical players in national security, complementing traditional defense systems.

By Diksha Poonia Feb 14, 2025 3 min read

New PAN-OS Authentication Bypass Vulnerability Exploited by Hackers

Palo Alto Networks has released a patch for a high-severity authentication bypass vulnerability, identified as CVE-2025-0108, affecting their PAN-OS software. GreyNoise has observed active exploitation attempts targeting this vulnerability.

By Abhimanyu Singh Feb 14, 2025 4 min read

Critical WinZip Vulnerability (CVE-2025-1240) Allows Remote Attackers to Execute Arbitrary Code

A high-severity vulnerability in WinZip, tracked as CVE-2025-1240, allows remote attackers to execute arbitrary code on affected systems through malformed 7Z archive files. The flaw, rated 7.8 on the CVSS scale, affects WinZip 28.0 (Build 16022) and earlier versions. Users must upgrade to WinZip 29.0 to mitigate risks.

By Nicole Wang Feb 14, 2025 4 min read

Critical AnyDesk Vulnerability Exploited by Hackers for Unauthorized Admin Access

Identified as CVE-2024-12754 and tracked under ZDI-24-1711, this vulnerability allows local attackers to exploit a mechanism to handle Windows background images, potentially escalating their privileges to administrative levels.

By Pratham Panchariya Feb 10, 2025 3 min read

Securing Your Software Supply Chain: A Critical Leadership Responsibility Against Growing Cyber Threats

More than half of large UK financial services firms experienced at least one third-party supply chain attack in 2024, with nearly a quarter facing three or more incidents, according to research from Orange Cyberdefense. The findings emphasize the increasing vulnerability of financial institutions to cyber threats stemming from their vendor ecosystems. A survey of 200 UK CISOs and senior security decision-makers revealed that many firms still rely on outdated risk assessment models. Nearly half (44%) assess third-party risks only during initial onboarding, while 41% conduct periodic reviews. Only 14% employ continuous monitoring supported by dedicated risk management tools.

By Nicole Wang Feb 10, 2025 6 min read

Top 5 Strategies to Protect Against the Growing Robocall Cyber Threat

Robocall scams have escalated in sophistication and danger. A recent case involving the VoIP provider Telnyx illustrates how cybercriminals can exploit VoIP services to impersonate trusted organizations. The attackers, posing as the FCC's "Fraud Prevention Team," contacted nearly 1,800 people, including FCC staff and their families, utilizing artificial voices to intimidate victims. This fraudulent scheme involved prerecorded messages creating a sense of urgency, leading victims to pay $1,000 in Google gift cards to avoid legal consequences.

By Ankit Lohar Feb 10, 2025 3 min read

Massive Brute Force Attack Utilizes 2.8 Million IPs to Compromise VPN and Firewall Logins

A global brute force attack campaign leveraging 2.8 million IP addresses actively targets edge security devices, including VPNs, firewalls, and gateways from vendors such as Palo Alto Networks, Ivanti, and SonicWall. The attack, first detected in January 2025, has intensified in recent weeks, with threat actors attempting to breach login credentials across exposed network infrastructure.

By Nicole Wang Feb 10, 2025 4 min read

The Rising Threat of 'Quishing': Understanding QR Code Phishing Attacks

QR codes have become ubiquitous, facilitating digital interactions. However, their prevalence has turned them into targets for scammers, leading to the rise of “quishing” attacks. In these attacks, fake QR codes redirect users to malicious sites, enabling criminals to harvest personal data or install malware.

By Vijay Shekhawat Feb 10, 2025 3 min read

Critical Authentication Bypass Vulnerabilities in Logsign Unified SecOps Platform Allow Remote Attacks

A severe security vulnerability identified as CVE-2025-1044 has been disclosed in the Logsign Unified SecOps Platform, a widely used software for security operations. This flaw is rated with a CVSS score of 9.8, posing a critical threat which allows remote attackers to bypass authentication without requiring any credentials.

By Vijay Shekhawat Feb 7, 2025 3 min read

1 ... 15 16 17 18 19

18 / 19