Cybersecurity

SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models 

SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild.
The vulnerabilities in question are listed below –

CVE-2023-44221 (CVSS score: 7.2) – Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to

Smashing Security podcast #415: Hacking hijinks at the hospital, and WASPI scams 

He’s not a pop star, but Jeffrey Bowie is alleged to have toured staff areas of a hospital in Oklahoma, hunting for computers he could install spyware on. We dive into the bizarre case of the man accused of hacking medical networks and then sharing how he did it on LinkedIn.

Plus! Move over Nigerian princes — the WASPI scams are here. Fraudsters are now targeting UK women born in the 1950s, exploiting pension injustice for phishing gain.

All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Alleged ‘Scattered Spider’ Member Extradited to U.S. 

A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. U.S. prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of companies in the United States and abroad, and that he personally controlled more than $26 million stolen from victims.

Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense 

As the field of artificial intelligence (AI) continues to evolve at a rapid pace, new research has found how techniques that render the Model Context Protocol (MCP) susceptible to prompt injection attacks could be used to develop security tooling or identify malicious tools, according to a new report from Tenable.
MCP, launched by Anthropic in November 2024, is a framework designed to connect

[Free Webinar] Guide to Securing Your Entire Identity Lifecycle Against AI-Powered Threats 

How Many Gaps Are Hiding in Your Identity System? It’s not just about logins anymore.
Today’s attackers don’t need to “hack” in—they can trick their way in. Deepfakes, impersonation scams, and AI-powered social engineering are helping them bypass traditional defenses and slip through unnoticed. Once inside, they can take over accounts, move laterally, and cause long-term damage—all without

Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool 

A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle (AitM) attacks.
“Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless address autoconfiguration (SLAAC) spoofing, to move laterally in the compromised network, intercepting packets and

Customer Account Takeovers: The Multi-Billion Dollar Problem You Don’t Know About 

Everyone has cybersecurity stories involving family members. Here’s a relatively common one. The conversation usually goes something like this: 
“The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logged back in, all my shows were gone. Everything was in Spanish and there were all these Spanish shows I’ve never seen

Nebulous Mantis Targets NATO-Linked Entities with Multi-Stage Malware Attacks 

Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan called RomCom RAT since mid-2022.
RomCom “employs advanced evasion techniques, including living-off-the-land (LOTL) tactics and encrypted command and control (C2) communications, while continuously evolving its infrastructure – leveraging

RansomHub Went Dark April 1; Affiliates Fled to Qilin, DragonForce Claimed Control 

Cybersecurity researchers have revealed that RansomHub’s online infrastructure has “inexplicably” gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service (RaaS) operation.
Singaporean cybersecurity company Group-IB said that this may have caused affiliates to migrate to Qilin, given that “disclosures on its DLS [data leak site] have doubled since

Meta Launches LlamaFirewall Framework to Stop AI Jailbreaks, Injections, and Insecure Code 

Meta on Tuesday announced LlamaFirewall, an open-source framework designed to secure artificial intelligence (AI) systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among others.
The framework, the company said, incorporates three guardrails, including PromptGuard 2, Agent Alignment Checks, and CodeShield.
PromptGuard 2 is designed to detect direct
