Continuous Monitoring and Protection
Digital Security When a ruse puts on a familiar face, your guard might drop, making you an easy mark. Learn how to tell a friend apart from a foe. Tomáš Foltýn 09 Apr 2025 • , 4 min. read News that someone close, be it a friend, relative, or colleague, has had one of their valuable online accounts compromised is bound to trigger a mix of reactions. Concern for them comes first, naturally. But not…
Read MoreDigital Security Corporate data breaches are a gateway to identity fraud, but they’re not the only one. Here’s a lowdown on how your personal data could be stolen – and how to make sure it isn’t. Phil Muncaster 08 Apr 2025 • , 5 min. read Data breaches are a growing threat to companies and a nightmare for their customers. According to the latest figures, 2024 witnessed 3,158 publicly reported incidents in the US –…
Read MoreDigital Security Here’s how to avoid being hit by fraudulent websites that scammers can catapult directly to the top of your search results Tomáš Foltýn 10 Apr 2025 • , 4 min. read When was the last time you searched for something using Google Search, Bing or another gateway to the endless expanse of the internet? What a silly question, right? It may have been just moments ago and perhaps it’s even how you landed…
Read MoreChina-based purveyors of SMS phishing kits are enjoying remarkable success converting phished payment card data into mobile wallets from Apple and Google. Until recently, the so-called “Smishing Triad” mainly impersonated toll road operators and shipping companies. But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff. An image of an iPhone device farm shared on Telegram by one of the Smishing Triad…
Read MoreAs promised in our post about the European Cyber Security Month during October, we are publishing about Botnets and Exploits this week. Even though we had the Poodle flaw in the web encryption standard a few days ago, we are using this week to explain what are botnets and exploits and how they work. Ignacio Pérez 20 Oct 2014 • , 3 min. read As promised in our post about the European Cyber Security Month…
Read MoreIn this post we want to share with you a question that arose from the first post in this series: whether exploits are the same as malware. What are we talking about? The best way to debunk any myth is to start by understanding what it is we are talking about. Camilo Gutiérrez Amaya 21 Oct 2014 • , 2 min. read Continuing with our support to the European Cyber Security Month, we are publishing…
Read MoreState organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, a malware that’s evolved into a sophisticated threat with a modular architecture. Robert Lipovsky 22 Sep 2014 • , 5 min. read A large number of state organizations and private businesses from various industry sectors in Ukraine and Poland have been targeted in recent attacks using malware designed for network discovery and remote code execution,…
Read MoreMicrosoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft’s most-dire “critical” rating, meaning malware or malcontents could exploit them with little to no interaction from Windows users. The zero-day flaw already seeing exploitation is CVE-2025-29824, a local elevation of privilege bug in the Windows Common Log File System (CLFS)…
Read MoreA Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI). Legal experts say the inquiry could be grounds to reopen a number of adjudicated cases in which the expert’s testimony may have been pivotal. One might conclude from reading Mr. Lanterman’s LinkedIn profile that has a degree from…
Read MoreIvanti released security updates to address vulnerabilities (CVE-2025-22457) in Ivanti Connect Secure, Policy Secure & ZTA Gateways. A cyber threat actor could exploit CVE-2025-22457 to take control of an affected system. CISA has added CVE-2025-22457 to its Known Exploited Vulnerabilities Catalog. See the following resources for more guidance: April Security Update | Ivanti April Security Advisory Ivanti Connect Secure, Policy Secure & ZTA Gateways (CVE-2025-22457) Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)…
Read More