Cybercriminals Are Using Fake AI Tools to Spread Malware
The massive excitement around Artificial Intelligence (AI) tools has become a goldmine for cybercriminals. They’re heavily using this buzz to trick people into downloading dangerous ransomware and malware. This isn’t just a tactic for highly advanced hackers anymore; even smaller, lesser-known groups are now effectively using this strategy. These malicious actors, including ransomware gangs like […]
Surviving the First Wave: Cybersecurity Lessons from First Quarter
The first quarter of 2025 confirmed that the cyber threat landscape continues to evolve rapidly, with attackers becoming more sophisticated and targeted. This period was marked by a sharp rise in AI-driven phishing, the persistence of ransomware, and increasing risks associated with cloud services and SaaS applications. Here’s a comprehensive summary of what we saw […]
Over 16,000 Fortinet Devices Compromised with Symlink Backdoor
Security researchers have discovered that over 16,500 Fortinet FortiGate firewall devices have been compromised by attackers using a symlink-based backdoor. This attack allows persistent and stealthy remote access to affected systems. The discovery was made by Lexfo Security, and the infections are believed to have started as early as 2022. Despite patches being released by […]
SuperBlack Ransomware Exploits Fortinet Vulnerabilities for Unauthorized Access
A new ransomware group known as ‘Mora_001’ has been identified exploiting two authentication bypass vulnerabilities in Fortinet firewall appliances to deploy a custom ransomware strain named ‘SuperBlack’. Exploited Vulnerabilities: CVE-2025-24472: Initially fixed in January 2025, this vulnerability enables remote attackers to gain super-admin privileges by making maliciously crafted CSF proxy requests. Although Fortinet initially stated […]
Critical RCE bug in Microsoft Outlook now exploited in attacks
CISA Urges U.S. Federal Agencies to Secure Systems Against Critical Microsoft Outlook Vulnerability The Cybersecurity and Infrastructure Security Agency (CISA) issued a warning to U.S. federal agencies, urging them to secure their systems against ongoing attacks exploiting a critical remote code execution (RCE) vulnerability in Microsoft Outlook. This vulnerability, identified by Check Point researcher Haifei […]
Understanding the Dark Web: Implications for Financial Assurance
The Dark Web and Financial Institutions The Dark Web, a hidden subset of the internet, presents unique risks and challenges for financial institutions. As a space where anonymity thrives, it has become a hub for illegal activities, including the trade of stolen financial data. Understanding and addressing these risks is essential for the financial assurance […]
Fortinet Warns Users to Beware of Zero-Day Vulnerabilities Already Exploited
CVE-2024-55591 Vulnerability: Authentication Bypass Threat Impacting FortiOS and FortiProxy CVE-2024-55591 is an Authentication Bypass vulnerability affecting FortiOS versions 7.0.0 to 7.0.16 and FortiProxy versions 7.0.0 to 7.0.79 and 7.2.0 to 7.2.12. This vulnerability allows attackers to send malicious requests to the Node.js WebSocket, granting themselves super-admin privileges. Attack Patterns According to observations from Fortinet and […]
AI and Cybersecurity Trends for 2025
This emphasizes the growing sophistication of AI-driven cyber-attacks, characterized by increasingly convincing phishing attempts and adaptive malware. The use of AI to target critical infrastructure further underscores the significant challenges faced by cybersecurity professionals. Moreover, the proliferation of deepfakes and synthetic media will necessitate the development of advanced tools for detection and mitigation. In addition, […]
Understanding How Cybercriminals Operate to Safeguard Your Business
By learning how cybercriminals select their targets and execute attacks, you can take proactive steps to prevent data breaches in your company. To provide deeper insights into attackers’ strategies, we partnered with NordStellar to analyze nearly 2,000 data breach incidents reported between August 31, 2022, and September 1, 2024. Our findings shed light on which […]
Worst Passwords of 2024: A Wake-Up Call for Digital Security
The latest annual study from NordPass on the 200 most common passwords globally highlights a persistent issue: many people continue to choose weak and predictable passwords, leaving their accounts highly vulnerable to cyberattacks. Key Findings Most Popular Passwords: “123456” remains the most widely used password worldwide, followed closely by “123456789” and the aptly named “password.” […]
