Cyber Security – Page 6 – Simply Secure Group

Google Chromes Device-Bound Session Credentials Now GA to Block Account Takeovers

Google has officially moved Device Bound Session Credentials (DBSC) to general availability in the Chrome browser on Windows, delivering a powerful defense against one of the most persistent threats in modern cybersecurity session cookie theft. Previously available in beta for Google Workspace users, DBSC is now enabled by default across all Workspace customers, Individual subscribers, […]

GREYVIBE Hackers Leverage ChatGPT and Google Gemini to Fuel Cyberattacks

GREYVIBE hackers are increasingly leveraging generative AI tools such as ChatGPT and Google Gemini to enhance cyberattack operations. The campaign, active since at least August 2025, primarily targets Ukraine and related entities across the government, military, and civilian sectors, highlighting a growing convergence between artificial intelligence and modern cyber warfare. WithSecure researchers identified GREYVIBE as […]

Palo Alto Networks PAN-OS Authentication Vulnerability Bypass Exploited in the Wild

Palo Alto Networks authentication bypass vulnerability, CVE-2026-0257, affecting PAN-OS and Prisma Access, is now being actively exploited in the wild, with CISA adding it to the Known Exploited Vulnerabilities (KEV) catalog on May 29, 2026. Palo Alto Networks published its security advisory on May 13, 2026, warning that CVE-2026-0257 enables a remote unauthenticated attacker to […]

Ransomware Uses SYSTEM Scheduled Task to Encrypt Local Drives With Elevated Privileges

A newly analyzed ransomware strain called The Gentlemen is raising serious alarms across the cybersecurity community. Built in the Go programming language and obfuscated with a tool called Garble, it combines powerful per-file encryption with an aggressive ability to spread itself silently across entire networks without any human intervention. Organizations in education, healthcare, transportation, and […]

Hackers Use Fake Adobe Document Cloud Pages to Deliver ScreenConnect Malware

A sophisticated phishing campaign is actively targeting financial organizations by using fake Adobe Document Cloud pages to silently install ScreenConnect remote access malware on victim machines. The operation is well-structured, deceptive, and difficult to detect because it blends into everyday enterprise software activity. The campaign works by sending phishing emails that look like legitimate Adobe […]

Hackers Exploit Microsoft Teams Collaboration Features to Impersonate IT Helpdesk Staff

A growing wave of vishing (voice phishing) campaigns in which threat actors abuse Microsoft Teams’ external collaboration features to impersonate IT helpdesk personnel and investigators is now turning to the Microsoft 365 Unified Audit Log (UAL) as a critical forensic data source to reconstruct attack timelines. The attack chain begins when a threat actor operating […]

Hackers Use GHOSTYNETWORKS and OMEGATECH to Host JS Malware Infrastructure

In March 2026, a wave of malicious spam emails began hitting inboxes across multiple countries and industries. Threat actors were quietly distributing a JavaScript-coded backdoor, targeting organizations in sectors as critical as energy, automotive, and government finance. The scale of the operation was wide, and the infrastructure behind it was carefully selected to stay under […]

FortiClient Code Execution Vulnerability Exploited to Deploy EKZ Malware

A newly observed exploitation campaign targeting FortiClient Endpoint Management Server (EMS) has weaponized trusted administrative infrastructure to silently deploy a previously unreported credential stealer across managed enterprise endpoints. In May 2026, Arctic Wolf researchers identified a cluster of malicious activity exploiting CVE-2026-35616, an improper access control vulnerability in FortiClient EMS. The flaw allows unauthenticated threat […]

GHOST STADIUM Phishing Campaign Targets FIFA World Cup Fans With 300+ Fake Domains

As the 2026 FIFA World Cup draws closer, cybercriminals are moving fast to cash in on the excitement. Researchers have uncovered a massive fraud operation targeting fans of the world’s biggest football tournament, with over 300 fake domains already live. The operation is sophisticated, well-funded, and built to deceive even cautious users. With billions of […]

BIND 9 Software Vulnerabilities Exposes Resolvers and Authoritative Servers to Remote Exploits

A series of newly documented vulnerabilities in ISC BIND 9 has raised significant security concerns for DNS infrastructure operators, with multiple flaws enabling denial-of-service (DoS) attacks, memory corruption, and potential remote exploitation. The latest entries in the BIND 9 Software Vulnerability Matrix highlight critical risks affecting both recursive resolvers and authoritative name servers, underscoring the […]

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.