Browsing: Threats and Vulnerabilities

Organizational Resilience: Safeguarding Against Emerging Cyber Threats

John BrushwoodMay 19, 20255 Mins Read

External and insider cyber threats are evolving. Externally, cybercriminals are increasingly adopting AI-enabled tools, which enable them to manipulate human…

How to Tell If Your Security Camera Has Been Hacked

Chester AveyMay 15, 20256 Mins Read

The Internet of Things (IoT) is expanding dramatically, underpinning and connecting modern surveillance cameras and devices together for enhanced security…

Critical Flaws in WordPress Theme Leave 82,000+ Sites Open to Full Takeover

Kirsten DoyleMay 15, 20255 Mins Read

Two serious security vulnerabilities have been discovered in TheGem, a premium WordPress theme used by more than 82,000 websites worldwide.…

Zoom Discloses Security Issues in Workplace Apps

Kirsten DoyleMay 14, 20253 Mins Read

Zoom Video Communications has disclosed several security vulnerabilities in its Workplace Apps for Windows, macOS, Linux, iOS, and Android platforms. …

ENISA Debuts Centralized Cybersecurity Vulnerability Database

Kirsten DoyleMay 14, 20256 Mins Read

The European Union Agency for Cybersecurity (ENISA) has officially launched the European Vulnerability Database (EUVD) to enhance cyber resilience. Developed…

Roblox Under Fire: Lawsuit Alleges Secret Data Tracking of Kids

Kirsten DoyleMay 13, 20254 Mins Read

Once viewed as a safe digital playground for kids, Roblox is now in the spotlight for all the wrong reasons.…

Latest MagicINFO 9 Server Still Vulnerable Despite Patch Claims

Kirsten DoyleMay 8, 20252 Mins Read

While reports suggest that the latest version of Samsung MagicINFO 9 Server (21.1050.0) addresses the high-severity vulnerability tracked as CVE-2024-7399,…

A Closer Look at PlugValley: Threat Actor Profile

Alexis OberMay 5, 20257 Mins Read

Fortra threat intelligence analysts are tracking AI vishing-as-a-service offerings by the threat actor group PlugValley that include spoofing capabilities, custom…

“Shadow Role” Vulnerability in AWS Services Could Lead to Full Account Takeover

Kirsten DoyleApril 30, 20253 Mins Read

Aqua Security’s Team Nautilus has discovered a critical vulnerability in six popular AWS services that could allow bad actors to…

Google Report: Fewer Zero-Day Attacks in 2024, But Enterprise Tech Now in the Crosshairs

Kirsten DoyleApril 30, 20254 Mins Read

Seventy-five zero-day vulnerabilities were actively exploited in 2024 — down from 98 in 2023, but still higher than the 63…