Blog – Page 142 – VigilantAI

October 28, 2024
No Comments

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 – Oct 27)

October 28, 2024
No Comments

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

October 26, 2024
No Comments

Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions

October 26, 2024
No Comments

Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining

October 26, 2024
No Comments

CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities

October 25, 2024
No Comments

Researchers Discover Command Injection Flaw in Wi-Fi Alliance’s Test Suite

October 25, 2024
No Comments

Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security

October 25, 2024
No Comments

SEC Charges 4 Companies Over Misleading SolarWinds Cyberattack Disclosures

October 25, 2024
No Comments

Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof?

October 25, 2024
No Comments

Irish Watchdog Imposes Record €310 Million Fine on LinkedIn for GDPR Violations

KawaLocker Ransomware Emerges in New Attack August 18, 2025
Huntress analysts have tracked a fresh ransomware incident involving KawaLocker, also known as KAWA4096. The variant is new, but the method is familiar. Attackers gained access, disabled defenses, and moved to encrypt files. Ransomware families surface often. A year ago, Huntress reported on ReadText34. Just last month, a never-before-seen strain called Crux appeared. KawaLocker joins […]
Kirsten Doyle
Managing Third-Party Security Risks in Education August 15, 2025
In December 2024, PowerSchool — one of North America’s most widely used student information systems — disclosed a breach that affected millions of students and educators. Hackers gained access using a compromised password and remained undetected for nine days, exposing sensitive personal information, including Social Security numbers and medical histories. This wasn’t just a system […]
Zac Amos
Canadian Parliament Hit by Cyberattack, Investigation Underway August 15, 2025
The House of Commons and Canada’s cybersecurity agency are investigating a significant breach of parliamentary employee data, CBC News reports. An internal email to CBC staff on Monday 11 August said a malicious actor exploited a recent Microsoft vulnerability to gain unauthorized access to a database used to manage computers and mobile devices. The data […]
Kirsten Doyle
Credential Theft and Data Exfiltration Lead Modern Ransomware Threats August 15, 2025
Ransomware and infostealer threats are evolving faster than most organizations can keep pace. Security teams have invested heavily in backup and recovery systems, yet today’s most damaging attacks often bypass encryption altogether. Picus Security’s Blue Report 2025 uncovered a shift: threat actors are targeting credential theft, data exfiltration, and lateral movement, founded on stealth and […]
Kirsten Doyle
Why upskilling must be a strategic priority for UK tech organisations August 14, 2025
The UK tech sector stands at a crossroads. On one hand, we are seeing ambitious investments in emerging technologies, particularly AI, cloud computing, and cybersecurity. On the other hand, a significant disconnect grows between the pace of innovation and the digital capabilities of the current workforce. According to a 2024 study by the University of […]
Alexia Pedersen
Six New Windows Vulnerabilities Found, Including First Rust-Based Kernel Flaw August 14, 2025
Six new vulnerabilities have been found in Microsoft Windows. One is critical. All are serious. Check Point Research discovered the flaws and disclosed them privately to Microsoft. Patches were released on 12 August as part of Patch Tuesday. The risks are varied: system crashes, arbitrary code execution, and information leaks. For attackers, the attack surface […]
Kirsten Doyle
The Real Purpose of the UK’s Online Safety Act: An Expert Explains August 13, 2025
The introduction of the UK’s Online Safety Act has sparked a lot of conversation and confusion. Both users and businesses are still trying to make sense of what it really means and how to navigate it. Professor George Loukas, Professor of Cyber Security (Human-centric and Cyber-physical Security) at the University of Greenwich, is here to […]
Dilki Rathnayake
Empowering Citizen Developers Without Compromising Security August 13, 2025
Thanks to no-code tools, citizen application development platforms (CADPs) are ushering in a new era where business units are no longer waiting in IT backlogs for application support—they’re building their own. Employees without coding skills are creating business applications, workflow automations, and integrations with a few clicks. According to Gartner, citizen developers will contribute up […]
Yair Finzi
Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images August 13, 2025
In March last year, an insidious software supply chain compromise was revealed. The discovery of a backdoor in XZ Utils shook the cybersecurity world, thanks to its technical sophistication and for the bad actor’s methodical patience. A developer known as “Jia Tan” had spent two years earning trust in the XZ Utils project. The code […]
Kirsten Doyle
Erlang/OTP SSH Flaw Actively Exploited in OT Networks August 13, 2025
A critical flaw in Erlang’s Open Telecom Platform is under active attack. CVE-2025-32433 carries a CVSS score of 10.0 and allows remote code execution without authentication. According to Palo Alto’s Unit 42 reseachers, it affects the platform’s native SSH daemon, used to manage hosts in telecom, 5G, and industrial systems. Bad actors can send specific […]
Kirsten Doyle