EHA
New account takeover campaign targets over 100 corporations’ top executives

New account takeover Campaign Targets Over 100 Corporations’ Top Executives

The top-level executives at more than 100 global organizations have been shaken by cloud account takeover incidents. Leveraging the power of EvilProxy, a cunning phishing tool employing reverse proxy architecture, attackers managed to breach multifactor...
Adobe ColdFusion Flaw Let Attackers Gain Access to Sensitive Files – PoC Released

Adobe ColdFusion Flaw Let Attackers Gain Access to Sensitive Files – PoC Released

Adobe has addressed a critical vulnerability in its ColdFusion software, which could have allowed attackers to read files arbitrarily from the system. The flaw, identified as CVE-2024-20767, has been patched, but the details surrounding...
Microsoft Notifies DevOps Teams That Major Domain Change Is Coming

Microsoft Notifies DevOps Teams That Major Domain Change Is Coming

Microsoft is unifying its cloud domain for Microsoft 365 services under "cloud.microsoft" to streamline the user experience and administration, which aims to reduce domain fragmentation for authenticated user-facing apps and services.  The consolidation will enhance...
UK’s NCSC Releases SCADA Security Guidance to the Cloud

UK’s NCSC Releases SCADA Security Guidance to the Cloud

The National Cyber Security Centre (NCSC) of the United Kingdom has recently published a comprehensive set of guidelines designed to assist organizations in securely transitioning their Supervisory Control and Data Acquisition (SCADA) systems to...
UNC1549 Hackers Abuse Microsoft Azure Cloud Infra To Attack Defense Sectors

UNC1549 Hackers Abuse Microsoft Azure Cloud To Attack Defense Sectors

A new threat activity has been discovered that relates to the Iran-Nexus espionage activity that targets Aerospace, Aviation, and defense industries in multiple countries, including Israel, UAE, Turkey, India, and Albania. This threat activity...
Five Eyes Agencies Exposes Russian APT29 Cloud Attack Tactis

Five Eyes Agencies Exposes Russian APT29 Cloud Attack Tactis

In a groundbreaking advisory, cybersecurity agencies from the Five Eyes intelligence alliance have detailed the sophisticated tactics, techniques, and procedures (TTPs) employed by APT29, a notorious cyber espionage group linked to Russia's SVR intelligence...
Hackers Heavily Abusing Google Cloud Run to Deliver Banking Malware

Hackers Heavily Abusing Google Cloud Run to Deliver Banking Malware

Large-scale malware distribution campaigns are abusing Google Cloud Run to transmit banking trojans, including Astaroth (also known as Guildma), Mekotio, and Ousaban, to European and Latin American targets. With Cloud Run, you can promptly execute...
ChatGPT-Powered Malware Attacking Cloud Platforms to Steal Login Credentials

ChatGPT-Powered Malware Attacking Cloud Platforms to Steal Login Credentials

Threat actors can potentially exploit ChatGPT to generate convincing phishing emails or deceptive content encouraging users to download malware.  They may also use the model to obfuscate malicious code or to assist in social engineering...
Palo Alto Networks to Acquire Cloud Security Start-up Dig

Palo Alto Networks to Acquire Cloud Security Start-up Dig

One of the top companies in the cybersecurity industry, Palo Alto Networks, has recently finalized the acquisition of Dig Security, an up-and-coming startup that specializes in providing advanced security solutions for cloud-based systems. Palo Alto...
Cloudflare Observed The Peak DDOS Attack of 201 Million HTTP Requests Per Second 

Cloudflare Observed The Peak DDOS Attack of 201 Million HTTP Requests Per Second 

DDoS (Distributed Denial of Service) attacks are extremely destructive and alarming since they flood a target's web services with overwhelming traffic. This can disrupt or even completely disable:- Websites Servers Networks This can cause significant financial losses, damage to...

Managed WAF

Website

Latest News