Cloud-based repository hosting service GitHub has addressed a high-severity security flaw that could have been exploited to create malicious...
Read More
Twilio Reveals Another Breach from the Same Hackers Behind the August Hack
Communication services provider Twilio this week disclosed that it experienced another "brief security incident" in June 2022 perp...
Read More
Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints
The Raspberry Robin worm is becoming an access-as-a-service malware for deploying other payloads, including IcedID, Bumblebee, TrueBot (aka ...
Read More
Fodcha DDoS Botnet Now Capable of 1Tbps Power & Attack 100+ Targets Daily
Fodcha DDoS botnet has made a significant return with a brand new version. This updated version of the Fodcha botnet was revealed to the com...
Read More
MajikPOS – A POS Malware Attack & Steal Payment Data From Credit/Debit Cards
Recently, Group-IB’s cybersecurity researchers have discovered that threat actors exploiting two vulnerabilities from point-of-sale payment ...
Read More
SideWinder Hacker Group Target Government & Military Using WarHawk Tool
Zscaler ThreatLabz found a new backdoor called ‘WarHawk’ being used by the SideWinder APT threat group to target entities in Pakistan. The S...
Read More
Chrome Extension With 1 Million Installation Stealing Data From Brower
It has recently been discovered by the security researchers at Guardio Labs that a new malvertising campaign is on the loose. This malicious...
Read More
Download eBook: Top virtual CISOs share 7 tips for vCISO service providers
Virtual Chief Information Security Officer (vCISO) services (also known as 'Fractional CISO' or 'CISO-as-a-Service') are gro...
Read More
CISA Warns of Daixin Team Hackers Targeting Health Organizations With Ransomware
U.S. cybersecurity and intelligence agencies have published a joint advisory warning of attacks perpetrated by a cybercrime gang known as th...
Read More
Why Ransomware in Education on the Rise and What That Means for 2023
The breach of LA Unified School District (LAUSD) highlights the prevalence of password vulnerabilities, as criminal hackers continue to use ...
Read More
6 Best Free Malware Analysis Tools to Break Down the Malware Samples – 2022
The malware analysis tools simply allow us to know in a quick and effective way, what actions a threat makes in the system. In this way, you...
Read More
Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies' Data Leak
Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that le...
Read More
New Ursnif Variant Likely Shifting Focus to Ransomware and Data Theft
The Ursnif malware has become the latest malware to shed its roots as a banking trojan to revamp itself into a generic backdoor capable of d...
Read More
CISA Warns of Critical Flaws Affecting Industrial Appliances from Advantech and Hitachi
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released two Industrial Control Systems (ICS) advisories pertain...
Read More
European Police Arrest a Gang That Hacked Wireless Key Fobs to Steal Cars
Law enforcement authorities in France, in collaboration with Spain and Latvia, have disrupted a cybercrime ring that leveraged a hacking too...
Read More
Critical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software
HelpSystems, the company behind the Cobalt Strike software platform, has released an out-of-band security update to address a remote code ex...
Read More
New Prestige Ransomware Targeting Polish and Ukrainian Organizations
A new ransomware campaign targeted the transportation and logistics sectors in Ukraine and Poland on October 11 with a previously unknown pa...
Read More
Zimbra Releases Patch for Actively Exploited Vulnerability in its Collaboration Suite
Zimbra has released patches to contain an actively exploited security flaw in its enterprise collaboration suite that could be leveraged to ...
Read More
INTERPOL-led Operation Takes Down 'Black Axe' Cyber Crime Organization
The International Criminal Police Organization, also called the Interpol, has announced the arrests of 75 individuals as part of a coordinat...
Read More
Node JS Authentication: Role Based vs Attribute-Based Access Control
NodeJS is categorized as a power full platform for developing event-driven web applications that need to offer a low latency experience to i...
Read More
Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack
Web infrastructure and security company Cloudflare disclosed this week that it halted a 2.5 Tbps distributed denial-of-service (DDoS) attack...
Read More
Researchers Uncover Custom Backdoors and Spying Tools Used by Polonium Hackers
A threat actor tracked as Polonium has been linked to over a dozen highly targeted attacks aimed at Israelian entities with seven different ...
Read More
Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs
Microsoft's Patch Tuesday update for the month of October has addressed a total of 85 security vulnerabilities, including fixes for an a...
Read More
Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug
Fortinet on Monday revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being active...
Read More
New Report Uncovers Emotet's Delivery and Evasion Techniques Used in Recent Attacks
Threat actors associated with the notorious Emotet malware are continually shifting their tactics and command-and-control (C2) infrastructur...
Read More
Hackers Steal $100 Million Cryptocurrency from Binance Bridge
BNB Chain, a blockchain linked to the Binance cryptocurrency exchange, disclosed an exploit on a cross-chain bridge that drained around $100...
Read More
Latest Cyberthreats and Advisories – September 30, 2022
Russian cybercrime, social media corruption and a tidal wave of malicious app downloads…. Here are the latest threats and advisories for t...
Read More
What You Need To Know About Penetration Testing as a Service
There are two primary types of penetration testing: traditional penetration testing and penetration testing as a service. While both have th...
Read More
Mirantis Container Runtime now available in the Microsoft Azure Marketplace
Mirantis has unveiled that Mirantis Container Runtime – latest generation of the Docker Enterprise Engine, the secure container runtime that...
Read More
Everi to leverage Prove’s identity solutions for more intuitive and secure gaming experiences
Prove Identity has unveiled that Everi Payments has selected Prove as one of its solution providers for identity verification services. With...
Read More
Mageia 2022-0361: unbound security update
Non-Responsive Delegation Attack. (CVE-2022-3204) Improves performance when under load, by cutting promiscuous queries for nameserver discov...
Read More
Hackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite
A severe remote code execution vulnerability in Zimbra's enterprise collaboration software and email platform is being actively exploite...
Read More
History of cybersecurity giants and predictions for the future
As a large part of our daily lives is inseparable from the Internet, cybersecurity has become one of the main concerns for humanity. Thousan...
Read More
Chip maker commits up to $100B for U.S. manufacturing site
The facility planned for upstate New York marks one of the first major new investments by semiconductor companies following the passage of b...
Read More
New SonicWall Survey Data Reveals 91% of Organizations Fear Ransomware Attacks in 2022
Amid an economic downturn, cybersecurity staffing shortages, and endless cyberattacks, financially motivated attacks are the top concern amo...
Read More
Russia-Linked Cybercrime Group Hawks Combo of Malicious Services With LilithBot
The malware-as-a-service group Eternity is selling a one-stop shop for various malware modules it’s been distributing individually via a sub...
Read More
Hackers Have It Out for Microsoft Email Defenses
Cybercriminals are focusing more and more on crafting special email attacks that evade Microsoft Defender and Office security. This article ...
Read More
BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions
In yet another case of bring your own vulnerable driver (BYOVD) attack, the operators of the BlackByte ransomware are leveraging a flaw in a...
Read More
Details Released for Recently Patched new macOS Archive Utility Vulnerability
Security researchers have shared details about a now-addressed security flaw in Apple's macOS operating system that could be potentially...
Read More
The Ultimate SaaS Security Posture Management Checklist, 2023 Edition
It's been a year since the release of The Ultimate SaaS Security Posture Management (SSPM) Checklist. If SSPM is on your radar, here...
Read More
19-Year-Old Teen Arrested for Using Leaked Optus Breach Data in SMS Scam
The Australian Federal Police (AFP) has arrested a 19-year-old teen from Sydney for allegedly attempting to leverage the data leaked followi...
Read More
Former Uber Security Chief Found Guilty of Data Breach Coverup
A U.S. federal court jury has found former Uber Chief Security Officer Joseph Sullivan guilty of not disclosing a 2016 breach of customer an...
Read More
PHP Supply Chain Attack – Critical Vulnerability in PHP Central Component
The Packagist has been subjected to a serious vulnerability that impacts its functionality, as reported by the code security company, SonarS...
Read More
Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds
Microsoft has revised its mitigation measures for the newly disclosed and actively exploited zero-day flaws in Exchange Server after it was ...
Read More
Russian Hacker Arrested in India for Reportedly Helping Students Cheat in JEE-Main Exam
India's Central Bureau of Investigation (CBI) on Monday disclosed that it has detained a Russian national for allegedly hacking into a s...
Read More
Popular YouTube Channel Caught Distributing Malicious Tor Browser Installer
A popular Chinese-language YouTube channel has emerged as a means to distribute a trojanized version of a Windows installer for the Tor Brow...
Read More
Researchers Report Supply Chain Vulnerability in Packagist PHP Repository
Researchers have disclosed details about a now-patched high-severity security flaw in Packagist, a PHP software package repository, that cou...
Read More
Back to Basics: Cybersecurity's Weakest Link
A big promise with a big appeal. You hear that a lot in the world of cybersecurity, where you're often promised a fast, simple fix that ...
Read More
Subscribe to:
Posts (Atom)