1. An immediate password check required This subject line is insidious because it taps into a commonplace occurrence in offices across the world: expired passwords. The average employee is juggling dozens of passwords, some of which have set expiration dates. So when an email pops up warning them that their password needs to be updated, it’s
Read More
Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset. According to CloudSEK, the critical exploit facilitates session persistence and cookie generation, enabling threat actors to maintain access to a valid session in an unauthorized manner.
Read More
Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker to execute arbitrary commands on susceptible appliances. The issues relate to two reflected cross-site scripting (XSS) bugs and one command injection flaw, according to new findings from Sonar. “Security inside a local network
Read More
G oogle on Thursday announced that it will start testing a new feature called “Tracking Protection” starting January 4, 2024, to 1% of Chrome users as part of its efforts to deprecate third-party cookies in the web browser. The setting is designed to limit “cross-site tracking by restricting website access to third-party cookies by default,” Anthony Chavez,
Read More
Our mission is to educate our customer base, build capacity in every country we operate in and make cyber security affordable to all