Polymath Central

Learn How Experts Secure Privileged Accounts—Proven PAS Strategies Webinar

December 10, 2024

Cybercriminals know that privileged accounts are the keys to your kingdom. One compromised account can lead to stolen data, disrupted operations, and massive business losses. Even top organizations struggle to…

Cybersecurity

Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices

December 10, 2024

A malicious botnet called Socks5Systemz is powering a proxy service called PROXY.AM, according to new findings from Bitsight. “Proxy malware and services enable other types of criminal activity adding uncontrolled…

Cybersecurity

Seven Bolt-Ons to Make Your Entra ID More Secure for Critical Sessions

December 10, 2024

Identity security is all the rage right now, and rightfully so. Securing identities that access an organization’s resources is a sound security model. But IDs have their limits, and there…

Cybersecurity

Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI

December 10, 2024

Details have emerged about a now-patched security flaw in the DeepSeek artificial intelligence (AI) chatbot that, if successfully exploited, could permit a bad actor to take control of a victim’s…

Cybersecurity

⚡ THN Recap: Top Cybersecurity Threats, Tools and Tips (Dec 2 – 8)

December 10, 2024

This week’s cyber world is like a big spy movie. Hackers are breaking into other hackers’ setups, sneaky malware is hiding in popular software, and AI-powered scams are tricking even…

Cybersecurity

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering

December 10, 2024

The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since…

Cybersecurity

Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign

November 27, 2024

A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DoD) campaign that leverages vulnerabilities and misconfigurations in Internet of Things (IoT) devices to co-opt them into…

Cybersecurity

Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks

November 26, 2024

Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve…

Cybersecurity

Intruder Launches Intel: A Free Vulnerability Intelligence Platform For Staying Ahead of the Latest Threats

November 26, 2024

When CVEs go viral, separating critical vulnerabilities from the noise is essential to protecting your organization. That’s why Intruder, a leader in attack surface management, built Intel – a free…

Cybersecurity

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

November 26, 2024

The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies. Trend Micro,…