New Phishing-as-a-Service Platform, Rockstar 2FA, Leverages AiTM Attacks

Dec 7, 2024 | Podcast

https://www.bleepingcomputer.com/news/security/new-rockstar-2fa-phishing-service-targets-microsoft-365-accounts A new phishing-as-a-service (PhaaS) platform, known as Rockstar 2FA, has emerged, enabling cybercriminals to launch sophisticated phishing attacks targeting...

Cybercriminals Exploit Job Fears with New Phishing Scam

Dec 6, 2024 | Podcast

https://www.cloudflare.com/es-la/threat-intelligence/research/report/sacked-or-hacked-unmasking-employment-termination-scams A new phishing campaign is targeting individuals with a fear-inducing tactic: a fake legal notice claiming job termination. How the Scam Works:...

Over 8 Million Android Users Hit by Predatory Loan Apps Disguised as Legitimate Tools

Dec 5, 2024 | Podcast

https://thehackernews.com/2024/12/8-million-android-users-hit-by-spyloan.html Researchers at McAfee Labs have identified 15 malicious apps on the Google Play Store collectively downloaded over 8 million times. These apps, disguised as quick and easy loan providers,...

Cloudflare Suffers Major Log Loss Incident

Dec 4, 2024 | Podcast

https://www.bleepingcomputer.com/news/security/cloudflare-says-it-lost-55-percent-of-logs-pushed-to-customers-for-35-hours Cloudflare, a major internet infrastructure company, experienced a significant outage in its log collection service on November 14, 2024. This...

Help! There’s too many Vulnerabilities! A Practical Guide to Tackling Open-Source Security

Dec 3, 2024 | Articles, Podcast

When organizations embark on securing open-source software within their applications, they are often overwhelmed by the number of discovered vulnerabilities. The initial shock of the sheer volume can be paralyzing, especially for companies that are still building out...

Finsure Confirms Data Breach Affecting Broker and Customer Information

Dec 2, 2024 | Podcast

https://www.cyberdaily.au/security/11422-exclusive-aussie-mortgage-broker-finsure-confirms-cyber-incident-impacting-customers-and-brokers A recent cyber incident has impacted the personal information of a number of Finsure brokers and customers. The breach, which...

New CWE Methodology Shake up has Cross Site Scripting as 2024’s Most Dangerous Software Weakness

Nov 29, 2024 | Podcast

https://cwe.mitre.org/top25/archive/2024/2024_cwe_top25.htmlhttps://www.darkreading.com/application-security/cross-site-scripting-is-2024-most-dangerous-software-weakness The annual CWE Top 25 list, identifying the most dangerous software vulnerabilities, saw a...

Ransomware Attack on Supply Chain Software Disrupts Major Retailers During Holidays

Nov 28, 2024 | Podcast

https://blueyonder.com/customer-updatehttps://www.darkreading.com/cyberattacks-data-breaches/ransomware-attack-blue-yonder-starbucks-supermarkets A ransomware attack on Blue Yonder, a software provider critical to supply chains, is causing disruptions for major...

Malicious Python Packages Exploit AI Enthusiasm

Nov 27, 2024 | Podcast

JarkaStealer in PyPI repository Cybercriminals are leveraging the growing interest in artificial intelligence (AI) to distribute malware. Two malicious Python packages, posing as legitimate tools for accessing OpenAI’s ChatGPT and Anthrophic’s Claude, have...

Australia Passes Landmark Cyber Security Legislation

Nov 26, 2024 | Podcast

https://www.itnews.com.au/news/cyber-security-bill-passes-parliament-613407 Australia has taken a significant step in bolstering its cybersecurity defenses with the passage of new legislation. The Cyber Security Bill, a key component of the government’s...