Alert: New Phishing Attacks Target Apple IDs of iPhone Users – How to Stay Safe

Cybercriminals have launched a new phishing campaign aimed at iPhone users, specifically targeting their Apple IDs, according to a recent alert from security software company Symantec. These attackers are masquerading as Apple in text messages sent across the U.S., attempting to deceive individuals into surrendering their personal credentials. Symantec reports that Apple IDs are highly…

By Andrej Kovacevic 10th July 2024

Cisco NX-OS Zero-Day Command Injection Vulnerability Under Active Exploitation

A severe vulnerability in the Command Line Interface (CLI) of Cisco NX-OS Software is currently being actively exploited, enabling attackers to execute arbitrary commands as root on compromised devices. This zero-day flaw, identified as CVE-2024-20399, poses a significant risk to network security, particularly for organizations using Cisco’s Nexus and MDS series switches. The vulnerability stems…

By Andrej Kovacevic 2nd July 2024

Kaspersky Lab Denies Alleged Russian Ties Amid US Ban on Its Software

The United States has officially prohibited the sale and distribution of antivirus software and cybersecurity services from Kaspersky Lab, citing concerns over the company’s potential connections to the Russian government. The Department of Commerce’s Bureau of Industry and Security (BIS) announced this measure on June 20. The agency emphasized that the ban stems from fears…

By Andrej Kovacevic 23rd June 2024

Why iOS 17.5’s Surprising Bug Might Make You Rethink Upgrading

Apple iOS 17.5 Major iPhone Software Release: Should You Upgrade? The latest iPhone software update, iOS 17.5, was released on Monday, May 13. Normally, I’d have shared an analysis of the update’s reception sooner, but there’s been an unexpected issue: some users have reported seeing long-deleted photos reappearing. Please note, I’ll update this post on…

By Andrej Kovacevic 19th May 2024

Russia’s APT28 Uses GooseEgg to Exploit CVE-2022-38028

Overview of APT28’s Cyber Operations APT28, also known as Fancy Bear and Forest Blizzard, is a notorious Russian state-sponsored hacking group linked to the Russian military intelligence agency GRU, specifically Unit 26165. This group has been active for over a decade and is primarily involved in cyber espionage activities aimed at collecting intelligence to support…

By Andrej Kovacevic 23rd April 2024

Rise of the Machines: Bots Now Dominate Nearly Half of All Web Traffic

In 2023, the digital landscape saw an unprecedented surge in bot traffic, accounting for nearly half (49.6%) of all global Internet traffic, according to Thales’ 2024 Imperva Bad Bot Report. This represents a 2% increase from the previous year, reaching the highest level recorded since automated traffic monitoring began in 2013. Evolving Threat of Malicious…

By Andrej Kovacevic 20th April 2024

XZ Utils Under Siege: Unmasking the Stealth Backdoor Menace

The cybersecurity landscape is abuzz with the recent uncovering of a meticulously crafted backdoor within XZ Utils, an essential open-source data compression tool widely used across Linux and Unix-like systems. This revelation, brought to light by a vigilant Microsoft developer, underscores the sophisticated nature of supply chain attacks that target the very core of open-source…

By Andrej Kovacevic 2nd April 2024

The Era of Streamlined Cybersecurity: Embracing Automated Penetration Assessments

In today’s digital age, safeguarding network infrastructure is more crucial than ever. Traditionally, penetration testing, a critical component for identifying exploitable security gaps, has been a resource-intensive task. This has led many organizations to limit such evaluations to annual compliance exercises, often overlooking the dynamic nature of cyber threats. However, the landscape is evolving rapidly…

By Andrej Kovacevic 29th March 2024

Human versus Non-Human Character in SaaS

In the rapidly evolving landscape of SaaS security, the emphasis has traditionally been on human users. However, a critical aspect often overlooked is the management of non-human entities accessing these systems. While human-centric security measures like MFA and RBAC are well-established, non-human entities such as integrations, service accounts, and API keys present unique challenges that…

By Andrej Kovacevic 23rd March 2024

Mastery of Cybersecurity: A Deep Dive into CTEM

Focus on Critical Risk Areas But what sets CTEM apart, and more importantly, how does it transcend the existing landscape of Vulnerability Management? At the core of CTEM lies the ability to unearth tangible, actionable threats to vital assets. While anyone can identify security gaps within an organization’s ecosystem, the real challenge lies in sifting…

By Andrej Kovacevic 20th March 2024

TechLoot is the tech advice you can trust

Who we are

Who we are

Our authors have years of experience in a variety of digital industries. Meet the team behind TechLoot.
What we publish

What we publish

We publish thoroughly researched guides over a set of different areas. Learn more about our editorial process.
Who’s it for

Who’s it for

Our content is for everyday tech consumers and enthusiasts who want to stay on top of the latest trends.