Blog – Page 85 – VigilantAI

gurushyam.mony
October 21, 2024
No Comments

Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems

gurushyam.mony
October 21, 2024
No Comments

5 Steps to Boost Detection and Response in a Multi-Layered Cloud

gurushyam.mony
October 21, 2024
No Comments

Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration

gurushyam.mony
October 21, 2024
No Comments

WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites

gurushyam.mony
October 21, 2024
No Comments

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates

gurushyam.mony
October 21, 2024
No Comments

China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns

gurushyam.mony
October 21, 2024
No Comments

The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short

gurushyam.mony
October 21, 2024
No Comments

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists

gurushyam.mony
October 21, 2024
No Comments

New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT

gurushyam.mony
October 21, 2024
No Comments

TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns

Beyond the Breach: The Ongoing Impact of the Change Healthcare Attack April 10, 2025
In February 2024, Change Healthcare was the target of a massive ransomware attack that is now known as the most significant data breach in American history. Thousands of healthcare providers across the country rely on Change Healthcare’s solutions and services, including the exchange of healthcare data and financial transactions between healthcare providers, insurers, and patients. […]
Michael Gray
Nations Commit to Curbing the Spread of Spyware April 9, 2025
Following over a year of work on the agreement, twenty-one nations signed The Pall Mall Process in Paris to govern the use of spyware. The Pall Mall Process is an international, multi-stakeholder initiative aimed at identifying and implementing political commitments to counter the proliferation and irresponsible use of commercially available cyber intrusion capabilities—which often manifest […]
Kirsten Doyle
WhatsApp Flaw Exposes Users to Malicious Attacks April 9, 2025
A critical vulnerability in WhatsApp for Windows, tracked as CVE-2025-30401, allowed malicious actors to execute malicious code via seemingly harmless file attachments. This flaw affected all versions of WhatsApp Desktop prior to 2.2450.6. WhatsApp said the vulnerability stemmed from a mismatch in how WhatsApp handled file attachments: it displayed files based on their MIME type […]
Kirsten Doyle
Sweet and Sticky: Irresistible Honeytokens for the Craftiest Cyber Bees April 9, 2025
Let’s face it: If an attacker is already inside your system, you need to know fast. HoneyTokens are lightweight traps that blend seamlessly into your infrastructure, acting as silent traps. The moment an attacker interacts with one, it triggers an alert, giving you real-time visibility into the breach and a chance to stop it before […]
Jeff Morrison
NIST Declares CVE Cutoff: Pre-2018 Vulnerabilities Now ‘Deferred’ April 8, 2025
The National Institute of Standards and Technology (NIST) has announced that all CVEs published before 1 January 2018, will be marked as ‘Deferred’ in the National Vulnerability Database (NVD). “All CVEs with a published date prior to 01/01/2018 will be marked as Deferred within the NVD dataset. We are assigning this status to older CVEs […]
Kirsten Doyle
Europol Warns: AI Is Turbocharging Organized Crime April 8, 2025
Organized crime networks are using artificial intelligence (AI) to enhance their operations, creating unprecedented challenges for law enforcement, warned Europol in its European Serious Organised Crime Threat Assessment (EU-SOCTA) report. “Criminal networks have demonstrated the ability to rapidly adapt to new technological solutions,” the report said. “This includes AI, a solution that has transformed the […]
Josh Breaker Rolfe and Kirsten Doyle
Beware of YouTube Links: Neptune RAT’s Advanced Capabilities Exposed April 8, 2025
Researchers at CYFIRMA have discovered a new version of Neptune RAT, a highly advanced Remote Access Trojan (RAT) that targets Windows systems. Written in Visual Basic .NET, this scourge has been spreading rapidly across platforms such as GitHub, Telegram, and YouTube, where it is being marketed with phrases like “Most Advanced RAT.” “This indicates its […]
Kirsten Doyle
Exploring the Implications of DORA April 8, 2025
As of January 17, 2025, the Digital Operational Resilience Act (DORA) came into force across all European Union member states, with the crucial aim of strengthening the IT security of financial entities such as banks, insurance companies, and investment firms. To do this, the regulation looks to standardize how financial entities report cybersecurity incidents, test […]
Javvad Malik
How Real is the Netflix Series Zero Day? New Research Says Very. April 7, 2025
The Netflix series Zero Day has Americans wondering how feasible an attack on critical infrastructure is. The simple answer? Very. While the show’s impeccably coordinated scenario is unprecedented, research confirms that in 2024, threat actors from Russia, China, and North Korea targeted critical infrastructure, government agencies, and private enterprises. These attacks highlight the growing use of state-sponsored cyber espionage […]
Süleyman Özarslan
Apache Tomcat Under Siege 2: Well-Hidden Payload April 7, 2025
The latest sequel no one asked for has been announced, with the only good news being that it doesn’t involve any of the Avengers. The bad news, however, is that it is another attack campaign by malicious actors targeting Apache Tomcat servers, coming just weeks after we reported on the RCE vulnerability, which was also […]
Adam Parlett