Inactive, unmaintained Salesforce sites vulnerable to threat actors
Improperly deactivated and unmaintained Salesforce sites are vulnerable to threat actors who can gain access to sensitive business data and…
May 2023
Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities
Improperly deactivated and abandoned Salesforce Sites and Communities (aka Experience Cloud) could pose severe risks to organizations, leading to unauthorized…
You’ll Need Batman’s Budget For All the Best Lego Sets Arriving in June
Although most people’s thoughts turn towards getting outside and soaking up the sun when June arrives, for Lego fans, it’s…
Focus Security Efforts on Choke Points, Not Visibility
By finding the places where attack paths converge, you can slash multiple exposures in one fix for more efficient remediation.
SAS Airlines hit by $3 million ransom demand following DDoS attacks
Scandinavian Airlines (SAS) has received a US $3 million ransom demand following a prolonged campaign of distributed denial-of-service (DDoS) attacks…
Threat actors are exploiting Barracuda Email Security Gateway bug since October 2022
Recently disclosed zero-day flaw in Barracusa Email Security Gateway (ESG) appliances had been actively exploited by attackers since October 2022.…
Warning! WordPress Plugin ”Gravity Forms” Vulnerable to PHP Object Injection
Researchers revealed that the largely used WordPress plugin ”Gravity Forms” is vulnerable to unauthenticated PHP Object Injection. The flaw was…
Critical Firmware Backdoor in Gigabyte Systems Exposes ~7 Million Devices
Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to…
Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root…
6 Steps to Effective Threat Hunting: Safeguard Critical Assets and Fight Cybercrime
Finding threat actors before they find you is key to beefing up your cyber defenses. How to do that efficiently…