Guarding Against Supply Chain Cyberattacks: A Growing Threat
In today’s digital landscape, cybercriminals have increasingly turned to vulnerabilities in widely-used IT and security tools to launch devastating attacks. Recent incidents demonstrate how quickly these tools can become prime targets: Ivanti enterprise VPNs: A zero-day vulnerability was exploited to deploy the backdoor DSLog. TeamCity: Attackers from the APT29 group leveraged a remote code execution […]
Cybersecurity’s Greatest Vulnerability: The Human Factor
Organizations worldwide are set to spend $212 billion on cybersecurity in 2025, a 15.1% increase from the previous year, according to Gartner. But while businesses continue to pour resources into advanced tools and systems, cybercriminals are targeting something technology alone can’t fix: the human element. In fact, 68% of breaches in 2024 involved the human […]
The 8 Steps to Seamless Secure Access Service Edge (SASE) Migration
Transitioning from traditional WAN architectures to a modern Secure Access Service Edge (SASE) model is more than a technological shift—it’s a strategic evolution. Success depends on a well-planned, phased approach that minimizes disruption while maximizing return on investment. With careful planning, organizations can achieve secure, agile, and future-ready networks. Here are eight essential steps to […]
The Evolving Game of Cybersecurity: How Attackers Evade Detection and How You Can Respond
Cybersecurity is a never-ending contest where attackers and defenders constantly try to outsmart each other. As attackers refine their evasion tactics to slip past defenses, cybersecurity professionals must adapt, staying one step ahead to protect their systems. In this article, we’ll explore some of the most sophisticated evasion techniques used by attackers today and share […]
Why Custom IOCs Are the Key to Proactive Cybersecurity
Have you ever wondered how security professionals detect and mitigate cyberattacks before they cause chaos? The answer lies in Cyber Threat Intelligence (CTI)—specifically, the ability to identify and act on Indicators of Compromise (IOCs). But not all IOCs are created equal. While generic IOCs, like lists of suspicious IPs or file hashes, are widely shared, […]
Are You Ready for the Cybersecurity Challenges of 2025?
The cybersecurity landscape in the Asia Pacific is evolving rapidly, with 2025 poised to bring a wave of sophisticated threats and opportunities. Palo Alto Networks recently outlined key trends that organisations in the region should prepare for, offering a glimpse into the future of cyber resilience. Unified Security Platforms: The End of Fragmentation In 2025, […]
Finastra Investigates Data Breach as Hacker Claims to Sell Stolen Data
Could your financial institution’s data be at risk? Finastra, a UK-based fintech giant that serves over 8,000 financial institutions worldwide, is investigating a significant data breach after a hacker claimed to have stolen sensitive information and offered it for sale on a dark web forum. The breach allegedly stems from a compromised file-transfer platform used […]
Could Your Business Fall Victim to a Cyber Heist? Here’s What Happened to iLearningEngines
How prepared is your business to handle a cybersecurity breach? Maryland-based AI-powered learning automation firm iLearningEngines recently disclosed a cyberattack that led to a $250,000 theft, underscoring the financial and operational risks companies face in today’s digital landscape. What Happened? According to a filing with the SEC, iLearningEngines experienced unauthorized access to its network, resulting […]
GitLoker Hacking Group Offers New GitHub Phishing Tool: A Warning for Developers
The GitLoker hacking group, known for hijacking GitHub repositories and extorting developers, has taken its operations to the next level with a new phishing tool called Goissue. Marketed as the “premier solution for efficiently extracting GitHub users and their emails,” this tool represents a dangerous escalation in targeted attacks against developers and their organizations. Goissue: […]
Exploitation Attempts Target Two Recently Patched Citrix Session Recording Vulnerabilities
Cybersecurity researchers have reported exploitation attempts targeting two recently patched vulnerabilities in Citrix Session Recording. These vulnerabilities, identified as CVE-2024-8068 and CVE-2024-8069, were disclosed by cybersecurity firm WatchTowr, which released technical details and a proof-of-concept (PoC) exploit on November 12, 2024. Vulnerability Details The vulnerabilities affect the Session Recording component of the Citrix Virtual Apps […]