Author: Admin

A sharp increase in phishing attacks, including a 202% rise in overall phishing messages in the second half of 2024, has been identified by cybersecurity experts. According to SlashNext’s 2024 Phishing Intelligence Report, a substantial 703% surge in credential phishing attacks was also observed in the same period. Key findings from the study reveal that users encounter an average of one advanced phishing attack per mailbox every week. Mobile users face up to 600 threats…

A recent investigation by security researchers has revealed a troubling surge in malicious campaigns exploiting popular development tools, including VSCode extensions and npm packages. These campaigns compromise local development environments and pose risks to broader software supply chains. From VSCode Marketplace to npm Initially detected by ReversingLabs in the VSCode Marketplace, the campaign expanded to the npm ecosystem in late 2024. One example of the latest malicious npm packages is etherscancontracthandler, with five versions identified. Three…

Containerized application development has revolutionized modern software delivery, but slow image builds in CI/CD pipelines can bring developer productivity to a halt. Even with AWS CodeBuild automating application testing and building, teams face challenges like resource constraints, inefficient caching, and complex multi-architecture builds that lead to delays, lower release frequency, and prolonged recovery times. Enter Docker Build Cloud, a high-performance cloud service designed to streamline image builds, integrate seamlessly with AWS CodeBuild, and reduce build…

In an era where we are completely reliant on digital connectivity, the security of our critical infrastructure is paramount. CISA defines 16 sectors of US critical infrastructure; each unique and yet each deeply interconnected. Most believe that it is safe because, after all, the government controls most of it and thus it must be well protected. Leaving aside the false assumption that if it were controlled by the government, that it would be protected, the reality…

A threat actor has been observed using vishing via Microsoft Teams to deploy DarkGate malware and gain remote control over the victim’s computer network. Trend Micro reported that the attacker posed as an employee of a known client on an MS Teams call, enabling them to dupe the target user into downloading the remote desktop application AnyDesk, which then facilitated the deployment of DarkGate malware. DarkGate is a sophisticated piece of malware designed to perform…

According to Gallup’s 2024 “State of the Global Workplace Report,” 85% of employees worldwide are disengaged. Worse still, the ratio of actively disengaged employees in North America has dropped to 1.8 engaged employees for every disengaged worker, down from 2.1 in previous years and the lowest since 2013. This disengagement is costing an astounding $7.8 trillion in lost productivity. While we could attribute this to crappy leadership and archaic corporate institutions that have eroded trust…