Check Point Research (CPR) has uncovered a sophisticated new version of the Banshee macOS Stealer malware, capable of stealing browser credentials, cryptocurrency wallets, and other sensitive data. This latest version, undetected for over two months, raises alarms for macOS users worldwide. macOS has long been seen as a secure platform, but with over 100 million users globally, it is attracting the attention of cyber crooks. Banshee Stealer rearing its ugly head highlights the growing risks to macOS users and the need for better cybersecurity measures to protect these devices. The malware’s obfuscation abilities are next level – it blends seamlessly…
Author: Kirsten Doyle
Organizations are urged to act swiftly to address vulnerabilities impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways by sticking to the latest guidance from the vendor. Ivanti has released a critical security update addressing these vulnerabilities, identified as CVE-2025-0282 and CVE-2025-0283. The fix is now available via Ivanti’s standard download portal. The company disclosed that a limited number of Ivanti Connect Secure appliances were exploited through CVE-2025-0282 at the time of disclosure. However, it says there is no evidence that the vulnerabilities have been exploited in Ivanti Policy Secure or Neurons for ZTA gateways. Swift Response and Collaboration Threat…
Last year saw increasingly sophisticated cybersecurity threats as malicious actors leveraged all forms of AI to create difficult-to-detect phishing attacks, deepfakes, and ransomware incidents. To counter these, organizations adopted AI-driven security solutions, including threat detection, automated incident response, and intelligent vulnerability management, to protect data and infrastructure. “In 2025, as AI evolves further in sophistication and adoption, alongside the growing burden of data breach costs and regulation – in addition to implementing advanced cybersecurity measures, organizations must prioritize real-world security awareness training,” says Usman Choudhary, Chief Product & Technology Officer, VIPRE Security Group, sharing his cybersecurity predictions for 2025. AI-Powered Phishing His…
Casio has said nearly 8500 people were affected by a ransomware attack that compromised its servers on 5 October last year. The attack led to data leaks, including internal documents and personal information, but no credit card information was included in the leaked information. Based on the investigation’s results, the company is in the process of identifying the affected business partners and customers. It said it would contact them individually once this was clear and take all necessary steps to protect their privacy. The company has apologized for the incident, acknowledging the concerns it has caused to customers, employees, and…
Critical vulnerabilities discovered in Moxa’s industrial networking devices could allow privilege escalation and OS command injection, exposing critical infrastructure to potential cyberattacks. In a security advisory, Moxa said that affected models include EDR and TN series routers widely used in industrial automation, energy, and telecommunications. Successful exploitation could grant attackers control over devices, posing a significant risk to operational systems. The Impact According to Moxa, the identified vulnerability types and potential impacts are as follows: CWE-656: Reliance on Security Through Obscurity (CVE-2024-9138). The exploitation of hard-coded credentials could allow an authenticated user to gain root-level access, leading to system compromise,…
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Beijing-based Integrity Technology Group (Integrity Tech) for its involvement in cyber intrusion campaigns targeting US entities. Integrity Tech has been linked to Flax Typhoon, a Chinese state-sponsored cyber group known for targeting critical infrastructure sectors across the US and beyond. The decision highlights the persistent threat posed by Chinese threat actors, which were named as a significant risk to US national security in the latest Office of the Director of National Intelligence (ODNI) Annual Threat Assessment. In fact, recent attacks even extended to the Treasury’s own…
An engineering team from Wiz has discovered a critical vulnerability in Nuclei, a popular open-source security tool developed by ProjectDiscovery. The vulnerability, tracked as CVE-2024-43405, lets malicious actors bypass the tool’s signature verification process, potentially enabling arbitrary code execution. This discovery has raised the alarm within the cybersecurity community, particularly among entities that rely on Nuclei for automated vulnerability scanning. Nuclei’s Role in Security Operations The tool is widely used for its YAML-based templates. According to Wiz, these templates “define the logic for detecting vulnerabilities, misconfigurations, and other security issues across various protocols and technologies.” One feature that sets Nuclei…
The ubiquity of mobile applications has created a perfect storm for bad actors, offering ample opportunities to exploit unsuspecting users. One of the latest instances is FireScam, a sophisticated malware that targets Android devices. Disguised as a fake “Telegram Premium” app, FireScam uses phishing websites to lure victims into downloading malware that infects their devices to steal sensitive information. A recent report by CYFIRMA examines FireScam’s inner workings, unpacking its distribution tactics, advanced surveillance capabilities, and implications for individuals and entities alike. A Deceptive Threat FireScam is distributed via a phishing website hosted on GitHub.io. The site is carefully crafted…
As the world steps into 2025, the cybersecurity landscape is set to evolve at an unprecedented pace, driven by the convergence of emerging technologies, sophisticated threats, and tightening regulations. The fourth edition of this report delves into the critical trends shaping the industry, offering key insights to help organizations navigate the challenges ahead. From the rising threat of insider attacks and the vulnerabilities within global supply chains to the disruptive potential of quantum computing and the transformative role of artificial intelligence, the stakes have never been higher. At the same time, regulatory frameworks worldwide are becoming more stringent, urging businesses…
Doughnut giant Krispy Kreme has disclosed a cyberattack that happened on 29 November and has led to significant operational disruptions, particularly affecting its online ordering system in parts of the United States. The doughnut chain disclosed the cyberattack in an 8-K filing with the SEC. The company was alerted to unauthorized activity on its information technology systems and has since engaged leading cybersecurity experts to investigate and remediate the situation. Despite the attack, Krispy Kreme’s physical stores remain open globally, and customers can still place orders in person. Daily deliveries to retail and restaurant partners are also uninterrupted. However, the disruption of…