Cybercriminals’ top LOLBins
Cyberattacks most commonly rely on just a few common operating system components.
1219 articles
Cyberattacks most commonly rely on just a few common operating system components.
The Open Management Infrastructure agent, with four vulnerabilities, is being automatically installed on virtual Linux machines on Microsoft Azure.
To protect MikroTik routers from the Mēris botnet, or to clean a previously infected router, users should update RouterOS and check settings.
Our first transparency report addresses requests from law enforcement agencies and government organizations worldwide.
An unpatched vulnerability in the MSHTML engine is enabling attacks on Microsoft Office users.
Malefactors are looking for vulnerable Confluence servers and exploiting CVE-2021-26084, an RCE vulnerability.
Misconfigured applications built with Microsoft Power Apps leave millions of personally identifiable information entries exposed.
One click on a phishing link can cost a company both money and reputation. Here’s how to protect your company from phishing.
News reports of Linux threats have been increasingly frequent lately. Here’s what you can do about it.
Loss or leaks of sensitive information can be serious problems for small businesses. Here’s how to keep confidential data safe.
Why using a corporate mail account for personal matters is not a good idea
Having a shared storage and data exchange environment can pose additional risks to corporate security.
Spam and phishing e-mails are not the only threats you might find in your mailbox. Cybercriminals are still using good old links to malware.
LockBit 2.0 ransomware can spread across a local network through group policies created on a hijacked domain controller.
Scammers are using redirects through Google Apps Script to prevent mail servers from blocking phishing links.
Update all Windows systems immediately to patch CVE-2021-1675 and CVE-2021-34527 vulnerabilities in the Windows Print Spooler service.
Attackers claiming to represent Adobe online services are sending fake notifications to obtain corporate e-mail credentials.