Polymath Central

Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign

November 19, 2024

U.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable information. The adversaries, tracked as…

Cybersecurity

CISA Alert: Active Exploitation of VMware vCenter and Kemp LoadMaster Flaws

November 19, 2024

Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)…

Cybersecurity

The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than You Think

November 18, 2024

According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year’s report. At the same time, the…

Cybersecurity

New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers

November 18, 2024

Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza. BabbleLoader…

Cybersecurity

The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than You Think

November 18, 2024

According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year’s report. At the same time, the…

Cybersecurity

Gmail’s New Shielded Email Feature Lets Users Create Aliases for Email Privacy

November 18, 2024

Google appears to be readying a new feature called Shielded Email that allows users to create email aliases when signing up for online services and better combat spam. The feature…

Cybersecurity

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 – Nov 17)

November 18, 2024

What do hijacked websites, fake job offers, and sneaky ransomware have in common? They’re proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week…

Cybersecurity

Beyond Compliance: The Advantage of Year-Round Network Pen Testing

November 18, 2024

IT leaders know the drill—regulators and cyber insurers demand regular network penetration testing to keep the bad guys out. But here’s the thing: hackers don’t wait around for compliance schedules.…

Cybersecurity

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information

November 18, 2024

A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with bogus pages that mimic legitimate brands with the goal of stealing their personal information ahead…

Cybersecurity

NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta’s Lawsuit

November 18, 2024

Legal documents released as part of an ongoing legal tussle between Meta’s WhatsApp and NSO Group have revealed that the Israeli spyware vendor used multiple exploits targeting the messaging app…