Meta, the company formerly known as Facebook, announced Tuesday that it took action against four separate malicious cyber groups from Pakist...
Read More
Notorious Emotet Botnet Makes a Comeback with the Help of TrickBot Malware
The notorious Emotet malware is staging a comeback of sorts nearly 10 months after a coordinated law enforcement operation dismantled its co...
Read More
New Blacksmith Exploit Bypasses Current Rowhammer Attack Defenses
Cybersecurity researchers have demonstrated yet another variation of the Rowhammer attack affecting all DRAM (dynamic random-access memory) ...
Read More
Researchers Demonstrate New Way to Detect MitM Phishing Kits in the Wild
No fewer than 1,220 Man-in-the-Middle (MitM) phishing websites have been discovered as targeting popular online services like Instagram, Goo...
Read More
FBI Email Servers Hacked to Distribute Spam Email Impersonating FBI Warnings
Hackers have recently chopped into the external email system of the US Federal Bureau of Investigation (FBI). And the FBI has reinforced tha...
Read More
New 'Moses Staff' Hacker Group Targets Israeli Companies With Destructive Attacks
A new politically-motivated hacker group named "Moses Staff" has been linked to a wave of targeted attacks targeting Israeli organ...
Read More
SharkBot — A New Android Trojan Stealing Banking and Cryptocurrency Accounts
Cybersecurity researchers on Monday took the wraps off a new Android trojan that takes advantage of accessibility features on the devices to...
Read More
Researchers Demonstrate New Fingerprinting Attack on Tor Encrypted Traffic
A new analysis of website fingerprinting (WF) attacks aimed at the Tor web browser has revealed that it's possible for an adversary to g...
Read More
North Korean Hackers Target Cybersecurity Researchers with Trojanized IDA Pro
Lazarus, the North Korea-affiliated state-sponsored group, is attempting to once again target security researchers with backdoors and remote...
Read More
How to Tackle SaaS Security Misconfigurations
Whether it's Office 365, Salesforce, Slack, GitHub or Zoom, all SaaS apps include a host of security features designed to protect the bu...
Read More
10,000+ websites and apps are vulnerable to Magecart
This article has been indexed from Help Net Security Some of the world’s largest companies across retail, banking, healthcare, energy and ma...
Read More
Cloud API Services, Apps and Containers Will Be Targeted in 2022
This article has been indexed from McAfee Blogs McAfee Enterprise and FireEye recently teamed to release their 2022 Threat Predictions. In t...
Read More
FBI’s Email System Hacked to Send Out Fake Cyber Security Alert to Thousands
This article has been indexed from The Hacker News The U.S. Federal Bureau of Investigation (FBI) on Saturday confirmed unidentified threat ...
Read More
What Do You Need to Proactively Identify Cyber-Security Threats?
In today’s world, almost all businesses are running online with different software. Every company in the world sometimes encounters a secur...
Read More
FBI's Email System Hacked to Send Out Fake Cyber Security Alert to Thousands
The U.S. Federal Bureau of Investigation (FBI) on Saturday confirmed unidentified threat actors have breached one of its email servers to bl...
Read More
Report: 99% of federal security pros want the government to increase data protection
This article has been indexed from Security – VentureBeat Federal security professionals cite common challenges to cybersecurity, like a lac...
Read More
Ransomware attacks are getting more complex and even harder to prevent
This article has been indexed from Security – VentureBeat Ransomware attackers are making attacks more complex and costly by acting on poten...
Read More
NINJIO appoints Brett Wahlin to Board of Directors
This article has been indexed from Help Net Security NINJIO announced the appointment of Brett Wahlin to their board of directors. Brett wil...
Read More
Carrier strengthens cybersecurity program with CVE Numbering Authority
This article has been indexed from Help Net Security Carrier has become a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CN...
Read More
TrickBot Operators Abusing Windows 10 App Installer To Install BazarLoader Malware
The Principal Researcher of the SophosLabs security firm, Andrew Brandt spotted that to deploy BazarLoader malware on the victim’s systems t...
Read More
Threat from Organized Cybercrime Syndicates Is Rising
This article has been indexed from Threatpost Europol reports that criminal groups are undermining the EU’s economy and its society, offerin...
Read More
Retail giant Costco discloses data breach, payment card data exposed
This article has been indexed from Security Affairs Costco Wholesale Corporation discloses a data breach, threat actors had access to custom...
Read More
Join Us for the Student Contributor Program Information Session!
This article has been indexed from Lawfare Are you a current law student interested in writing and researching for Lawfare? Join our Student...
Read More
Palo Alto Warns of Zero-Day Bug in Firewalls Let Hackers Execute an Arbitrary Code Remotely
A Zero-Day vulnerability has been identified by the Massachusetts-based cybersecurity firm Randori in Palo Alto Networks firewalls using Glo...
Read More
Hackers Increasingly Using HTML Smuggling in Malware and Phishing Attacks
Threat actors are increasingly banking on the technique of HTML smuggling in phishing campaigns as a means to gain initial access and deploy...
Read More
Abcbot — A New Evolving Wormable Botnet Malware Targeting Linux
Researchers from Qihoo 360's Netlab security team have released details of a new evolving botnet called "Abcbot" that has been...
Read More
Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant
Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-parched zero-day in macOS oper...
Read More
Researchers Uncover Hacker-for-Hire Group That's Active Since 2015
A new cyber mercenary hacker-for-hire group dubbed "Void Balaur" has been linked to a string of cyberespionage and data theft acti...
Read More
TrickBot Operators Partner with Shathak Attackers for Conti Ransomware
The operators of TrickBot trojan are collaborating with the Shathak threat group to distribute their wares, ultimately leading to the deploy...
Read More
Navigating The Threat Landscape 2021 – From Ransomware to Botnets
Though we are recovering from the worst pandemic, cyber threats have shown no sign of downshifting, and cybercriminals are still not short o...
Read More
Iran's Lyceum Hackers Target Telecoms, ISPs in Israel, Saudi Arabia, and Africa
A state-sponsored threat actor allegedly affiliated with Iran has been linked to a series of targeted attacks aimed at internet service prov...
Read More
Palo Alto Warns of Zero-Day Bug in Firewalls Using GlobalProtect Portal VPN
A new zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that could be abused by an unauthenticated network-b...
Read More
Researchers Discover PhoneSpy Malware Spying on South Korean Citizens
An ongoing mobile spyware campaign has been uncovered snooping on South Korean residents using a family of 23 malicious Android apps to siph...
Read More
13 New Flaws in Siemens Nucleus TCP/IP Stack Impact Safety-Critical Equipment
As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and us...
Read More
14 New Security Flaws Found in BusyBox Linux Utility for Embedded Devices
Cybersecurity researchers on Tuesday disclosed 14 critical vulnerabilities in the BusyBox Linux utility that could be exploited to result in...
Read More
As the move to the cloud accelerates, data privacy and security remain critical
This article has been indexed from Help Net Security Organizations are increasingly adopting multiple cloud technologies to keep up with the...
Read More
How to Keep Your Customer Relationship Management Software Secure
Having great customer relationship managementsoftware is absolutely essential if you are a business that is looking to plan and execute a su...
Read More
Microsoft Issues Patches for Actively Exploited Excel, Exchange Server 0-Day Bugs
Microsoft has released security updates as part of its monthly Patch Tuesday release cycle to address 55 vulnerabilities across Windows, Azu...
Read More
Unique Challenges to Cyber-Security in Healthcare and How to Address Them
No business is out of danger of cyberattacks today. However, specific industries are particularly at risk and a favorite of attackers. For y...
Read More
Robinhood Trading App Suffers Data Breach Exposing 7 Million Users' Information
Robinhood on Monday disclosed a security breach affecting approximately 7 million customers, roughly a third of its user base, that resulted...
Read More
Suspected REvil Ransomware Affiliates Arrested in Global Takedown
Romanian law enforcement authorities have announced the arrest of two individuals for their roles as affiliates of the REvil ransomware fami...
Read More
Critical Flaws in Philips TASY EMR Could Expose Patient Data
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of critical vulnerabilities affecting Philips Tasy electronic me...
Read More
Experts Detail Malicious Code Dropped Using ManageEngine ADSelfService Exploit
At least nine entities across the technology, defense, healthcare, energy, and education industries were compromised by leveraging a recentl...
Read More
BlackBerry Uncovers Initial Access Broker Linked to 3 Distinct Hacker Groups
A previously undocumented initial access broker has been unmasked as providing entry points to three different threat actors for mounting in...
Read More
Types of Penetration Testing
If you are thinking about performing a penetration test on your organization, you might be interested in learning about the different types ...
Read More
Younger generations care little about cybersecurity
This article has been indexed from Help Net Security SailPoint released a survey which aimed to identify gaps within organizations’ cybersec...
Read More
Pros and cons of using open-source software
Since the late 1980s, when it pioneered, open-source software has come a long way. A lot of IT experts recommend both medium and small enter...
Read More
Hard-coded Key-based SSH Authentication Flaw in Cisco Policy Suite Lets Hackers Gain Root Access
In different Cisco products to inscribe vulnerabilities, Cisco Systems has recently published some security updates. As in Cisco Policy Suit...
Read More
These Are The Biggest Mistakes Companies Commit When Addressing Data Security
The 2021 Privacy Benchmark Study by Cisco reveals that 34% of 4,700 security experts say that data security is one of the core responsibilit...
Read More
Two NPM Packages With 22 Million Weekly Downloads Found Backdoored
In what's yet another instance of supply chain attack targeting open-source software repositories, two popular NPM packages with cumulat...
Read More
Alert! Hackers Exploiting GitLab Unauthenticated RCE Flaw in the Wild
A now-patched critical remote code execution (RCE) vulnerability in GitLab's web interface has been detected as actively exploited in th...
Read More
Product Overview - Cynet Centralized Log Management
For most organizations today, the logs produced by their security tools and environments provide a mixed bag. On the one hand, they can be a...
Read More
Our journey to API security at Raiffeisen Bank International
This article was written by Peter Gerdenitsch, Group CISO at Raiffeisen Bank International, and is based on a presentation given during Imvi...
Read More
Subscribe to:
Posts (Atom)