SuperBlack Ransomware Exploits Fortinet Vulnerabilities for Unauthorized Access
A new ransomware group known as ‘Mora_001’ has been identified exploiting two authentication bypass vulnerabilities in Fortinet firewall appliances to deploy a custom ransomware strain named ‘SuperBlack’. Exploited Vulnerabilities: CVE-2025-24472: Initially fixed in January 2025, this vulnerability enables remote attackers to gain super-admin privileges by making maliciously crafted CSF proxy requests. Although Fortinet initially stated […]
Critical RCE bug in Microsoft Outlook now exploited in attacks
CISA Urges U.S. Federal Agencies to Secure Systems Against Critical Microsoft Outlook Vulnerability The Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to U.S. federal agencies, urging them to secure their systems against ongoing attacks exploiting a critical remote code execution (RCE) vulnerability in Microsoft Outlook. This vulnerability, identified by Check Point researcher Haifei […]
Understanding the Dark Web: Implications for Financial Assurance
The Dark Web and Financial Institutions The Dark Web, a hidden subset of the internet, presents unique risks and challenges for financial institutions. As a space where anonymity thrives, it has become a hub for illegal activities, including the trade of stolen financial data. Understanding and addressing these risks is essential for the financial assurance […]
Fortinet Warns Users to Beware of Zero-Day Vulnerabilities Already Exploited
CVE-2024-55591 Vulnerability: Authentication Bypass Threat Impacting FortiOS and FortiProxy CVE-2024-55591 is an Authentication Bypass vulnerability affecting FortiOS versions 7.0.0 to 7.0.16 and FortiProxy versions 7.0.0 to 7.0.79 and 7.2.0 to 7.2.12. This vulnerability allows attackers to send malicious requests to the Node.js WebSocket, granting themselves super-admin privileges. Attack Patterns According to observations from Fortinet and […]
Thailand’s New Minimum Wage Law 2025 -Important Update for Employers
The Wage Committee has announced a Notice of Minimum Wage Rates (No. 13) with a significant increase in the minimum wage, effective 1 January 2025. This change will have a major impact on businesses, particularly in the areas of Chachoengsao, Chon Buri, Phuket, Rayong, and Surat Thani Province (Ko Samui District), where the minimum wage […]
AI and Cybersecurity Trends for 2025
This emphasizes the growing sophistication of AI-driven cyber-attacks, characterized by increasingly convincing phishing attempts and adaptive malware. The use of AI to target critical infrastructure further underscores the significant challenges faced by cybersecurity professionals. Moreover, the proliferation of deepfakes and synthetic media will necessitate the development of advanced tools for detection and mitigation. In addition, […]
Understanding How Cybercriminals Operate to Safeguard Your Business
By learning how cybercriminals select their targets and execute attacks, you can take proactive steps to prevent data breaches in your company. To provide deeper insights into attackers’ strategies, we partnered with NordStellar to analyze nearly 2,000 data breach incidents reported between August 31, 2022, and September 1, 2024. Our findings shed light on which […]
Worst Passwords of 2024: A Wake-Up Call for Digital Security
The latest annual study from NordPass on the 200 most common passwords globally highlights a persistent issue: many people continue to choose weak and predictable passwords, leaving their accounts highly vulnerable to cyberattacks. Key Findings Most Popular Passwords: “123456” remains the most widely used password worldwide, followed closely by “123456789” and the aptly named “password.” […]
Harnessing AI: PKF’s Insights on Emerging Technology and Business Adaptation
Exclusive Summary The recent advancements and strategic priorities in technology to drive business growth and resilience. Key Highlights Emerging Technology Trends– Increased adoption of AI and Machine Learning for operational efficiency and advanced data insights.– Emphasis on enhancing Cybersecurity measures to safeguard critical infrastructure.– Transition to Cloud Computing for scalable and flexible business operations. Organizational […]
Microsoft Thailand Collaborates with NCSC to Strengthen Cybersecurity in Thailand
Bangkok, Thailand – May 28, 2024 – Microsoft Thailand today announced a collaboration with the National Cyber Security Agency (NCSC) to join the Government Security Program (GSP) to exchange cybersecurity information, knowledge, and insights in a transparent manner, aiming to strengthen cybersecurity in Thailand. The Government Security Program (GSP) is a global initiative where Microsoft […]
