Cybersecurity - Insights Cybersecurity - News News News - Insights

Akira Ransomware Continues Exploiting SonicWall Vulnerability Using Legitimate Tools

Security researchers warn that the Akira ransomware group is still actively exploiting a year-old SonicWall vulnerability (CVE-2024-40766) for initial access, while relying on pre-installed and legitimate tools to evade detection. This vulnerability, a critical access control flaw with a CVSS score of 9.3, was patched in August 2024, yet Akira continues to target systems that remain unpatched.Over the past three months, Akira attacks have focused on SSL VPN accounts using one-time passwords (OTP) for multi-factor authentication (MFA). According to Arctic Wolf, dozens of incidents show common indicators such as VPN logins from VPS hosting providers, network scanning, Impacket SMB activity [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

Microsoft Thwarts AI-Generated Phishing Campaign Targeting US Organizations

Microsoft Threat Intelligence recently intercepted a sophisticated phishing campaign that appears to have leveraged AI-generated code to avoid detection. The attack targeted organizations in the United States and attempted to hide its malicious payload inside an SVG file disguised as a PDF. On August 18, attackers used a compromised small business email account to distribute phishing messages. The emails were self-addressed, with actual targets hidden in the Bcc field, and mimicked file-sharing notifications. The attached file, named “23mb – PDF- 6 pages.svg,” contained embedded scripts that redirected recipients to a fake CAPTCHA page, likely leading to a fraudulent login form. [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

How AI is Transforming Cyberattacks According to Wiz CTO Ami Luttwak

Ami Luttwak, chief technologist at cybersecurity firm Wiz, recently shared insights with TechCrunch on how artificial intelligence (AI) is reshaping the cybersecurity landscape. “Cybersecurity is ultimately a mind game,” Luttwak explained. “Whenever a new technology emerges, it presents attackers with new opportunities.” As businesses rapidly integrate AI into workflows—through vibe coding, AI agents, or other tools—the overall attack surface expands. While AI helps developers deliver code faster, this speed often introduces mistakes and insecure shortcuts, which can be exploited by attackers. Wiz, acquired by Google earlier this year for $32 billion, observed that many AI-assisted applications show insecure authentication implementations. [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

First Malicious MCP Server Exposed in Rogue Postmark-MCP Package

Cybersecurity researchers have identified the first-ever case of a malicious Model Context Protocol (MCP) server discovered in the wild, highlighting the growing risks to the software supply chain. According to Koi Security, a threat actor introduced rogue functionality into an npm package named “postmark-mcp”, which mimicked the legitimate Postmark Labs library of the same name. The malicious code first appeared in version 1.0.16, released on September 17, 2025. The authentic Postmark-MCP library, available on GitHub, is designed to expose an MCP server that allows users to send emails, manage templates, and track campaigns with AI assistants. However, the compromised npm [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

Amazon Agrees to $2.5 Billion Settlement Over Prime Practices

Amazon has agreed to a $2.5 billion settlement with the Federal Trade Commission (FTC) following allegations that the company used deceptive tactics to enroll and retain customers in its Prime subscription service. Despite settling, Amazon maintains that it has always complied with the law. FTC’s Allegations The FTC accused Amazon of employing misleading designs and practices to push consumers into Prime subscriptions and making it unnecessarily difficult to cancel. According to the lawsuit, Amazon relied on “dark patterns”—manipulative design choices in digital interfaces that confuse or pressure users into actions they might not otherwise take, such as agreeing to recurring [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

Cognex Industrial Camera Vulnerabilities Pose Risks Without Available Patches

Several industrial cameras produced by Cognex have been identified with serious security vulnerabilities, and the company has stated that no patches will be released for affected models. Organizations using these devices are being advised to transition to newer versions to maintain secure operations. The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory on September 18, highlighting the risks associated with Cognex In-Sight products. These cameras, widely used in manufacturing facilities, guide robotic operations, inspect products for quality, and track inventory—functions critical to many industrial environments. Security researchers from Nozomi Networks discovered nine distinct vulnerabilities affecting In-Sight 2000, 7000, 8000, [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

Jaguar Land Rover Initiates Phased Recovery Following Cyber-Attack

Jaguar Land Rover (JLR) has started a gradual restart of its operations after a significant cyber-attack disrupted production across the automotive giant. The UK-based company, owned by Tata Motors, has been working to restore critical IT systems and resume normal business functions. JLR has boosted its IT processing capabilities for invoicing, enabling the company to start addressing the backlog of payments owed to suppliers. Its financial systems, responsible for processing vehicle wholesale transactions, are also back online, allowing faster car sales and registration for customers. The company’s Global Parts Logistics Centre, which supports parts distribution for retail partners both in [...]

Read more

Cybersecurity - Insights Cybersecurity - News News News - Insights

Massive Exposure of Indian Bank Transfer Records After Cloud Security Misconfiguration

A recent data exposure incident has raised alarms in India’s financial sector, after hundreds of thousands of sensitive bank transfer documents were found accessible online due to an unsecured cloud server. The leak revealed account numbers, transaction amounts, and customer contact details. Discovery of the breach Cybersecurity researchers at UpGuard identified the issue in late August, when they found a publicly accessible Amazon-hosted storage bucket containing approximately 273,000 PDF documents related to Indian bank transfers. These files were forms used for processing transactions through the National Automated Clearing House (NACH), a system that handles large volumes of recurring payments such [...]

Read more

Opinion Software

Achieve Your Goals with Habits

Read more

Cybersecurity - News Insights Opinion

Why is Endpoint Protection CRUCIAL for Your Company?

Read more

Opinion

Best Practice for Updating the DOM in React After Making an HTTP POST Request

Read more

Events

Executive Breakfast: Cybersecurity + Autonomous AI and “Dark Horse” Ransomware with ThreatDown Corporate Team

Read more