The development of blockchain industry and how to defend against attacks on DeFi
Nowadays, the blockchain market as a whole is in its infancy, and the decentralized finance (DeFi) market is its most promising part. According to DefiLlama data, in 2021, the...
Crema Finance shuts liquidity protocol on Solana amid hack investigation
Crema Finance, a concentrated liquidity protocol over the Solana blockchain, announced the temporary suspension of its services owing to a successful exploit that has drained a substantial but undisclosed...
Battle-hardened Ronin bridge reopens following $600M hack: Finance Redefined
Welcome to Finance Redefined, your weekly dose of key decentralized finance (DeFi) insights, a newsletter crafted to bring you some of the major developments over the last week.This past...
ICYMI: A Microsoft Warning, Follina, Atlassian, and More
There's no such thing as a slow week for cybercrime, which means that covering the waterfront on all of the threat intelligence and interesting stories out there is a...
DragonForce Malaysia Releases LPE Exploit, Threatens Ransomware
The hacktivist group DragonForce Malaysia has released an exploit that allows Windows Server local privilege escalation (LPE) to grant access to local distribution router (LDR) capabilities. It also announced that it's adding...
OpenSea NFT Marketplace Faces Insider Hack
OpenSea, the largest nonfungible token (NFT) marketplace, this week announced that an employee of one of its email vendors, Customer.io, accessed and downloaded the company's email list. It added that anyone who has...
Google: Hack-for-Hire Groups Present a Potent Threat
The threat associated with nation-state-backed hacking groups has been well-researched and chronicled in recent times, but there's another, equally dangerous set of adversaries that's operated comparatively in the shadows...
What Is CIEM? The Ins and Outs of This Least Privilege Access Solution
Every security professional is familiar with the three pillars of security: people, processes, and technology. They all need to work together to maintain a safe, secure environment — if...
Critical ManageEngine ADAudit Plus Vulnerability Allows Network Takeover, Mass Data Exfiltration
A critical vulnerability in Zoho’s widely used compliance tool, ManageEngine ADAudit Plus, which monitors changes to Microsoft Active Directory, leaves endpoints vulnerable to unauthenticated users. A successful exploit could...
Exchange Servers Backdoored Globally by SessionManager
Attackers once focused on exploiting ProxyLogon Microsoft Exchange server vulnerabilities have made a pivot to the new SessionManager backdoor, which can be used to gain persistent, undetected access to emails...
