RansomHub Affiliate leverages Python-based backdoor
In an incident response in Q4 of 2024, GuidePoint Security identified evidence of a threat actor utilizing a Python-based backdoor to maintain access to compromised endpoints. The threat actor later leveraged this access to deploy RansomHub encryptors throughout the entire impacted network. ReliaQuest documented an earlier version of this malware on their website in February 2024….
Identity Security startup Orchid Security raises $36 mln in seed funding
Orchid Security, which focuses on protecting customers’ identity as AI continues to grow, said on Tuesday it raised $36 million in an early stage funding round and emerged from so-called “stealth mode” after a year of working in secrecy. The seed round was led by Intel Capital and Team8, with participation from CapitalOne and other…
US Treasury Department imposes sanctions on Chinese company over Salt Typhoon hack
The U.S. Treasury Department on Friday imposed sanctions on alleged hacker Yin Kechen and cybersecurity company Sichuan Juxinhe Network Technology Co., accusing both of being involved in a series of hacks against American telecom companies. The Department of the Treasury’s Office of Foreign Assets Control (OFAC) in US is sanctioning Yin Kecheng, a Shanghai-based cyber…
Palo Alto Networks Expedition Tool Vulnerability Exposes Cleartext Firewall Passwords
Palo Alto Networks has disclosed multiple critical security vulnerabilities in its Expedition migration tool, including a concerning OS command injection flaw that enables attackers to execute arbitrary commands and access sensitive firewall credentials. The command injection vulnerability (CVE-2025-0107) allows authenticated attackers to run arbitrary OS commands as the www-data user, potentially exposing usernames, cleartext passwords, device…
2025 Predictions for Cyber Trends, Bolster CEO, Rod Schultz
As organization prepare for 2025 to defend and prepare cybersecurity strategies, we can vouch that there would be AI for sophisticated phishing, vishing, and social engineering attacks. This would be accompanied by ransomware and multifaceted extortion can be more disruptive form of cyber crime, impacting various sectors and countries. Along with AI-powered attacks, geopolitical tensions,…
Keycentrix and UST Announce Strategic Partnership to Drive Innovation & Scale
Partnership announcement UST, a leading digital transformation solutions company, announced its partnership with Keycentrix, a leading provider of pharmacy software and technology solutions, to enhance Keycentrix’s product suite, expand market reach, and increase value for customers. With this strategic alliance, Keycentrix is better positioned to deliver next-level pharmacy solutions that harness innovation, advanced technology, and accelerated go-to-market capabilities. This partnership will…
Cloud Box Technologies FortiSASE certification enhances its cybersecurity solutions
Cloud Box Technologies (CBT), a premier systems integrator and IT services specialist in the Middle East, today announced that the company has received the prestigious FortiSASE certification after successfully navigating Fortinet’s rigorous certification process. The FortiSASE certification aligns with CBT’s vision to address the growing demand for secure, scalable, and flexible cloud-based solutions. The certification…
MeitY releases Draft Digital Personal Data Protection Rules, 2025
Meity has drafted the Digital Personal Data Protection Rules, 2025 to facilitate the implementation of the Digital Personal Data Protection Act, 2023 (DPDP Act). It aims to strengthen the legal framework for the protection of digital personal data by providing necessary details and an actionable framework. Stakeholder are invited to share feedback/comments on the draft Rules. Please Click here to view Draft…
‘Security by Design Principal’ is not an option but an important security Strategy; Srinivas Shekar, Pantherun Technologies
Pantherun Technologies in cybersecurity space has Innovating offerings, a unique approach to protecting any device that uses or stores data. The company’s pioneering data protection approach involves the real-time encryption of data, making breaches 10x harder. Pantherun’s vision is to make encryption secure, easy to use and affordable for industries and users everywhere. Today, Pantherun…
16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft
Hackers target Chrome browser extensions 16 extensions being compromised Exposed over 600,000 users to data exposure and credential theft The attack targeted publishers of browser extensions on the Chrome Web Store via a phishing campaign Hackers used their access permissions to insert malicious code into legitimate extensions in order to steal cookies and user access…