Welcome to the next article in our series on mastering API integration, specifically tailored for the fintech industry. In this article, we ...
Read More
China’s MIIT Introduces Color-Coded Action Plan for Data Security Incidents
China’s Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data securit...
Read More
Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds
Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating gi...
Read More
Simplifying IT for Better Experiences
In today’s increasingly complex and fragmented technology landscape, organizations must deliver experiences that are reliable, secure, and s...
Read More
Research Discovered 116 Malicious PyPI Packages Downloaded Over 10,000 Times
A cluster of malicious Python projects has been identified in PyPI, the official Python PyPI package repository, which targets both Windows ...
Read More
New Hacker Group Uses SQL Injection to Hack Companies in APAC Region
A new threat actor has been discovered to be using SQL injection attacks to gain unauthorized access to organizations in the APAC region. Th...
Read More
Google's New Tracking Protection in Chrome Blocks Third-Party Cookies
Google on Thursday announced that it will start testing a new feature called "Tracking Protection" starting January 4, 2024, to 1%...
Read More
New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks
A novel multi-platform threat called NKAbuse has been discovered using a decentralized, peer-to-peer network connectivity protocol known as ...
Read More
Reimagining Network Pentesting With Automation
Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders...
Read More
New Dark Web Market OLVX Advertising Variety of Hacking Tools
Threat actors exploit underground markets by purchasing or selling stolen data, malware, and hacking tools to facilitate cybercrime. These ...
Read More
Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks
Threat actors affiliated with the Russian Foreign Intelligence Service (SVR) have targeted unpatched JetBrains TeamCity servers in widesprea...
Read More
Microsoft Seized Storm-1152 Websites Used to Sell Microsoft Products & Accounts
Hackers sell fake Microsoft products and accounts because it allows them to profit from illicit activities, taking advantage of unsuspecting...
Read More
Beware of Malicious 7ZIP on the Microsoft App Store that Delivers Malware
Hackers target 7ZIP due to its widespread use and popularity, making it a lucrative vector for spreading malware. Exploiting vulnerabilitie...
Read More
How to Analyze Malware’s Network Traffic in A Sandbox
Malware analysis encompasses a broad range of activities, including examining the malware's network traffic. To be effective at it, it...
Read More
Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing
Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency...
Read More
Major Cyber Attack Paralyzes Kyivstar - Ukraine's Largest Telecom Operator
Ukraine's biggest telecom operator Kyivstar has become the victim of a cyber attack, disrupting customer access to mobile and internet s...
Read More
Unveiling the Cyber Threats to Healthcare: Beyond the Myths
Let's begin with a thought-provoking question: among a credit card number, a social security number, and an Electronic Health Record (EH...
Read More
Lazarus Group’s Operation Blacksmith Attacking Organizations Worldwide
The Lazarus Group is a notorious North Korean state-sponsored hacking organization known for:- They have been implicated in high-profile inc...
Read More
New Editbot Stealer in Action; Stealing Browser Passwords & Cookies
A new malicious campaign, Editbot Stealer, was discovered in which threat actors use WinRAR archive files with minimal detection to perform ...
Read More
Fortnite Maker Epic Wins Antitrust Case Against Google
Legal win against Google for Epic Games may force Android maker to allow more app stores and alternative payment methods This article has be...
Read More
Apple released iOS 17.2 to address a dozen of security flaws
Apple rolled out emergency security updates to backport patches for two actively exploited zero-day flaws to older devices. The company rele...
Read More
Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws
Apple on Monday released security patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari web browser to address multiple security flaws, ...
Read More
New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now
Apache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could...
Read More
Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans
The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the oppo...
Read More
How Smart Cars Are Spying You? Most important Privacy Concerns 2024
Privacy concerns related to smart cars primarily revolve around the extensive data collection, sharing, and potential misuse of personal inf...
Read More
Crypto Exchange Founder Pleads Guilty for Dark Web Transfer
Bitzlato Ltd., a cryptocurrency exchange, was founded and is primarily owned by an individual who facilitated transactions between buyers an...
Read More
SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users
Cybersecurity researchers have discovered 18 malicious loan apps for Android on the Google Play Store that have been collectively downloaded...
Read More
New PoolParty Process Injection Techniques Outsmart Top EDR Solutions
A new collection of eight process injection techniques, collectively dubbed PoolParty, could be exploited to achieve code execution in Windo...
Read More
WordPress 6.4.2 fixed a Remote Code Execution (RCE) flaw
WordPress 6.4.2 addressed a security vulnerability that could be chained with another flaw to achieve remote code execution. WordPress relea...
Read More
Security Affairs newsletter Round 449 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you i...
Read More
Week in review: Booking.com hotel booking scam, Kali Linux 2023.4 released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Advanced ransomware campaigns expose need ...
Read More
Critical Automotive Vulnerability Exposes Fleet-wide Hacking Risk
In the fast-evolving landscape of automotive technology, researchers have uncovered a critical vulnerability that exposes an unsettling po...
Read More
Going Cloud Native, and What ?Portability? Really Means
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Re...
Read More
Norton Healthcare disclosed a data breach after a ransomware attack
Kentucky health system Norton Healthcare disclosed a data breach after it was a victim of a ransomware attack in May. Norton Healthcare disc...
Read More
Choosing the Perfect Smart Lock for Your Home Security
Installing a smart lock on your home is like building a wall of protection around it. Smart locks have the capacity to provide superior secu...
Read More
Kaneva – 3,901,179 breached accounts
In July 2016, now defunct website Kaneva, the service to "build and explore virtual worlds", suffered a data breach that exposed 3...
Read More
Researchers Exploited GOG Galaxy XPC for Privilege Escalation in macOS
A critical privilege escalation vulnerability has been discovered to affect macOS devices, particularly the GOG Galaxy software-installed ma...
Read More
Two Russian Nationals Charged for Hacking Government Accounts
Two Russian citizens have been charged for being involved in a campaign on behalf of the Russian government to breach computer networks in t...
Read More
WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability
WordPress has released version 6.4.2 with a patch for a critical security flaw that could be exploited by threat actors by combining it with...
Read More
5 Best Ways a Malware Sandbox Can Help Your Company – Threat Analysis Guide 2024
Malware sandboxes are indispensable for threat analysis, but many of their capabilities are often overlooked. On a closer look, they offer a...
Read More
Lazarus Group Attacking Crypto Users Via Telegram to Deploy Malware
In a calculated escalation of cyber warfare, the Lazarus Group, a notorious North Korea hacking unit, has pivoted its focus to cryptocurrenc...
Read More
Building a Robust Threat Intelligence with Wazuh
Threat intelligence refers to gathering, processing, and analyzing cyber threats, along with proactive defensive measures aimed at strengthe...
Read More
Governments May Spy on You by Requesting Push Notifications from Apple and Google
Unspecified governments have demanded mobile push notification records from Apple and Google users to pursue people of interest, according t...
Read More
New Report: Unveiling the Threat of Malicious Browser Extensions
Compromising the browser is a high-return target for adversaries. Browser extensions, which are small software modules that are added to the...
Read More
Sierra:21 - Flaws in Sierra Wireless Routers Expose Critical Sectors to Cyber Attacks
A collection of 21 security flaws have been discovered in Sierra Wireless AirLink cellular routers and open-source software components like ...
Read More
Scaling Security Operations with Automation
In an increasingly complex and fast-paced digital landscape, organizations strive to protect themselves from various security threats. Howev...
Read More
Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerabi...
Read More
Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution
Atlassian has released software fixes to address four critical flaws in its software that, if successfully exploited, could result in remote...
Read More
New Threat Actor 'AeroBlade' Emerges in Espionage Attack on U.S. Aerospace
A previously undocumented threat actor has been linked to a cyber attack targeting an aerospace organization in the U.S. as part of what...
Read More
Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability
Microsoft on Monday said it detected Kremlin-backed nation-state activity exploiting a now-patched critical security flaw in its Outlook ema...
Read More
New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks
New research has unearthed multiple novel attacks that break Bluetooth Classic's forward secrecy and future secrecy guarantees, resultin...
Read More
Make a Fresh Start for 2024: Clean Out Your User Inventory to Reduce SaaS Risk
As work ebbs with the typical end-of-year slowdown, now is a good time to review user roles and privileges and remove anyone who shouldn’t h...
Read More
Subscribe to:
Posts (Atom)