Identity Fraud Among Home Care Workers Puts Patients at Risk
Reports of patients being cared for by unqualified home-care aides with fake identities continue to emerge, highlighting a need for…
Cyber Security
A Good Year for North Korean Cybercriminals
North Korea shifted its strategy to patiently target “bigger fish” for larger payouts, using sophisticated methods to execute attacks at…
A Cybersecurity Playbook for AI Adoption
AI adds real value to cybersecurity today, but it cannot yet serve as a single security guardian. Here’s how organizations…
WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability
WatchGuard has released fixes to address a critical security flaw in Fireware OS that it said has been exploited in…
Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks
Authorities in Nigeria have announced the arrest of three “high-profile internet fraud suspects” who are alleged to have been involved…
Cloud Atlas activity in the first half of 2025: what changed
Known since 2014, the Cloud Atlas group targets countries in Eastern Europe and Central Asia. Infections occur via phishing emails…
New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards
Certain motherboard models from vendors like ASRock, ASUSTeK Computer, GIGABYTE, and MSI are affected by a security vulnerability that leaves…
Yet another DCOM object for lateral movement
Introduction If you’re a penetration tester, you know that lateral movement is becoming increasingly difficult, especially in well-defended environments. One…
DefendIT Services, Chris Hannifin, and the Challenges of Insider Risk in Cybersecurity
In this post, I will talk about DefendIT Services, Chris Hannifin, and the challenges of insider risk in cybersecurity. The…
SonicWall Edge Access Devices Hit by Zero-Day Attacks
In the latest attacks against the vendor’s SMA1000 devices, threat actors have chained a new zero-day flaw with a critical…