Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On February 12, 2025, Palo Alto Networks published a security advisory for CVE-2025-0108, an authentication bypass vulnerability in the management web interface of PAN-OS. The vulnerability was responsibly disclosed to Palo Alto Networks by Assetnote, who published a blog article with technical details about how to exploit the vulnerability the same day it was disclosed. Since then, proof-of-concept exploit code has emerged publicly.

At KnowBe4, we constantly strive to stay ahead of emerging threats and create training content to warn users about the latest tactics used by cybercriminals. One of the ways we do this is through our internally produced demo video productions, which used to star the incredible Kevin Mitnick and his legendary hacking demos. In these modules we showcase real-world attack scenarios and provide actionable insights on how to defend against them. Last year my colleague Dr.

Several Russian threat actors, including the SVR’s Cozy Bear, are launching highly targeted spear phishing attacks against Microsoft 365 accounts, according to researchers at Volexity. The attackers are impersonating employees at the US State Department, the Ukrainian Ministry of Defence, the European Union Parliament, and well-known research institutions.

The origin of the word “Rhadamanthys”, goes back to Greek mythology where he was a legendary figure who ruled as king of Crete. Born to Zeus and Europa, he held the status of demigod and was renowned for his wisdom. Rhadamanthys Stealer is a sophisticated information stealer written in C++ that employs multiple evasion techniques. The malware utilizes a custom packer for code obfuscation and incorporates anti-VM and anti-debugging mechanisms to prevent analysis.

As technologies continue to advance, it is crucial to have secure and stable mechanisms for authentication to protect essential data from malicious access. Token-based authentication is a technique that has proven effective in curbing security threats, chiefly because it is easy and secure. Here, we present a great-length tutorial before discussing token-based authentication, which comprises its types, how it works, why it is crucial, its advantages, techniques, and applications.

In cybersecurity as in sports, teamwork makes the dream work. In a world where security analysts can feel constantly bombarded by threat actors, banding together to share information and strategies is increasingly important. Over the last few years, security operations center (SOC) analysts started sharing open source Sigma rules to create and share detections that help them level the playing field.

According to the 2024 Verizon Data Breach Investigations Report, 75% of cyber attacks involve exploiting compromised privileged credentials, making privileged access one of the most sought-after attack vectors. Additionally, 60% of organizations cite insider threats as the primary cause of data breaches, highlighting the critical need to secure privileged accounts against both external and internal threats.