Blog

Cybercriminal groups operating on a global scale continue to exploit weak points in remote working infrastructures to infiltrate corporate networks. Cybersecurity analysts have reported that the Akira ransomware group has launched a large-scale campaign targeting vulnerable SSL VPN accounts on firewalls.   Financially motivated ransomware groups are silently infiltrating corporate networks by exploiting firmware vulnerabilities and misconfigurations in SSL VPN (Secure Sockets

Cyber attackers are evolving their phishing tactics to target corporate employees by weaponizing not only emails but also enterprise instant messaging platforms. Researchers have uncovered a sophisticated social engineering campaign conducted via Microsoft Teams that distributes Black Basta ransomware.   This new attack chain, designed to bypass traditional security controls, begins with an “email bombing” technique, where the victim’s inbox is flooded with thousands of messa

A cyber outage originating from “CloudStrike-26” caused the reservation systems of major airlines such as Lufthansa and Delta to collapse this morning. While cybersecurity teams are working intensively to restore the systems, global air traffic has been brought largely to a standstill.   As a result of the crisis, check-in, ticketing, and baggage tracking systems went offline, leading to hundreds of flight cancellations and delays. The disruption of digital infrastructure at

The cybersecurity landscape is facing a new and critical threat directly targeting network infrastructures. A newly identified zero-day vulnerability allows attackers to gain “super administrator” privileges on enterprise network gateways without requiring any authentication.   This critical vulnerability, identified in firewalls that protect the outermost layer of corporate networks (particularly in FortiOS and FortiProxy systems), enables attackers to gain full control over

A new variant of the GlassWorm campaign has been identified. This new attack chain follows a multi-stage structure, enabling both extensive data exfiltration and the deployment of a Remote Access Trojan (RAT) on victim systems. According to the research, the malware also uses a fake Chrome extension that appears as Google Docs Offline to collect browser data and information related to cryptocurrency assets.  According to the report, GlassWorm operators typically gain initial

Security researchers (iVerify, Lookout, and Google) have discovered a new spyware dubbed "DarkSword," which primarily targets users in Ukraine but has the potential to affect millions of devices globally.   Key Highlights: No-Install Attack (One-Click): The most alarming feature of DarkSword is its "one-click" infection mechanism. Simply visiting a compromised website is enough to infiltrate the device, without requiring the user to download any files or grant any permissions

Tufin is the global leading platform that enables organizations worldwide to centrally manage their network security. Instead of managing various firewall, cloud, and network technologies individually, Tufin makes all security policies visible, manageable, and auditable through a single platform. As a result, organizations can: Reduce complexity Accelerate operational processes by removing dependency on individuals Remain audit-ready at all times What Changed with the New Rel

The cybersecurity world is facing a new threat poised to completely alter the landscape of cyberattacks. IBM researchers have discovered a new spyware dubbed "Slopoly," which was found to be entirely written by artificial intelligence to be deployed in ransomware attacks. Actively utilized by the financially motivated cybercrime group known as "Hive0163," this malware leverages complex AI algorithms to stealthily bypass traditional security measures and antivirus software. Ex

WhatsApp has issued an official warning about a sophisticated cyberattack attempt targeting approximately 200 users worldwide. Following an internal investigation, it was discovered that a fake version of WhatsApp, developed by an Italian spyware vendor, had been distributed in an attempt to steal users’ data. The company informed the limited number of affected or at-risk users directly by sending them security notifications. Although this fake application appears to be the o

U.S.-based medical giant Stryker experienced major disruptions across its devices and systems due to a cyberattack claimed by the Iran-linked hacker group Handala. Operations could be affected worldwide. Stryker, the U.S.-based medical device manufacturer, announced that its global networks were seriously disrupted by a cyberattack carried out last Wednesday. The company alleged that the attack was conducted by an Iran-linked hacker group. The incident affected Stryker’s inte