Skip to main content

Tag: mfa bypass is not relevant here

10 articles

Technician troubleshoots highlighted server in data center amidst concern.

Progress Disrupts ShareFile Storage Over Unspecified Security Threat

Progress Software has urgently advised ShareFile customers to take their Windows servers offline due to a credible external security threat, acting swiftly to protect user data despite having no evidence of unauthorized access. The company is working closely with security experts to resolve the issue and restore services.

Analyst 207
Developer workstation with laptop, terminal, and papers, in a research area with a blurred background.

AI Coding Assistants Exposed to Symlink Flaw

Researchers uncovered a major vulnerability, dubbed GhostApproval, that affects six popular AI coding assistants, allowing attackers to manipulate the code and write malicious data into sensitive files. This flaw uses a clever trick involving deceptively named files and symbolic links to catch AI assistants off guard.

Analyst 207
Unix-era computer terminal in a clean lab setting with coding interface and subtle file system hint.

AI Coding Agents Expose Unix-Era Security Flaw

A clever trick that exploits a long-standing Unix security flaw, dubbed GhostApproval, can bypass human approvals in AI coding assistants, rendering consent meaningless. By manipulating a harmless-looking project file, attackers can secretly alter sensitive system settings.

Analyst 207
Healthcare worker sits at desk, looking concerned, with computer screen displaying email inbox.

Healthcare Organization Backpedals on Phishing Test Targeting Staff Burnout

Newfoundland and Labrador Health Services is hitting the brakes on a well-intentioned but misguided phishing test that left staff feeling frustrated and burnt out. The healthcare organization has apologized and pledged to review its approach after sending employees a fake email offering an extra paid day off.

Analyst 207
Modern office space with scattered papers and an open file cabinet, hinting at disruption.

Ransomware Attacks Shift to Data Theft Tactics

Ransomware attacks have taken a sinister turn, with a growing number of hackers ditching decryption keys and instead using stolen data to extort their victims. In fact, a recent report found that a whopping 87% of ransomware claims now involve data theft, with encryption becoming a thing of the past.

Analyst 207
Locked cabinet with combination dial in a dimly lit, institutional office setting.

Ransomware Gangs Test Trust with Data Deletion Promises

Can you ever trust a ransomware gang's promise to delete stolen data? The recent Instructure breach has brought this question to the forefront, leaving victims wondering if paying up is worth the risk of broken promises.

Analyst 207
Cluttered server room with stacked routers, cables, and wires in dim light.

China Builds Covert Hacker Networks with Compromised Routers

China-nexus cyber actors have dramatically changed their game, ditching solo operations for massive networks of hacked devices - and it's a threat you need to know about. A joint advisory from top cyber agencies worldwide warns of this new tactic, urging vigilance in the face of large-scale cyber attacks.

Analyst 207
Government agency office interior with subtle computer equipment hints.

Eset Exposes Chinese Hackers' Careless Backdoor Tactics

Chinese hackers have been caught off guard by their own carelessness, leaving behind a digital trail that exposed their previously undetected backdoor tactics. Researchers uncovered over 9,000 messages revealing the attackers' testing systems and habits, leading to the identification of a Chinese nation-state actor dubbed GopherWhisper.

Analyst 207
Dark cityscape with cracked window, shattered padlock, and eerie glows of devices, symbolizing vulnerability and cyber…

Microsoft Vulnerabilities Resurface, Fueling Cybercrime and Ransomware

Beware: long-dead Microsoft vulnerabilities are coming back to haunt networks, fueling cybercrime and ransomware attacks. Even a 14-year-old software flaw is being exploited by crooks, putting your network at risk.

Analyst 207
Dimly lit hospital corridor with a laptop screen displaying a ransom note and blurred medical file.

Ransomware Attack Cripples Dutch Healthcare IT Firm ChipSoft

A ransomware attack on Dutch healthcare IT firm ChipSoft has left patients and clinicians scrambling, as clinical portals and scheduling tools went dark, disrupting critical care management systems. The devastating cyber incident forced ChipSoft to take its website and digital services offline, leaving many wondering who's left holding the chart.

Analyst 207