CISA Releases Six New Advisories For Industrial Control Systems

The Cybersecurity and Infrastructure Security Agency (CISA) has issued six new advisories concerning industrial control systems (ICS) on Sep...
Read More

GitLab Urges Organizations To Patch For Authentication Bypass Vulnerability

GitLab, the popular DevOps platform, has issued a critical security advisory urging organizations to immediately patch their self-managed Gi...
Read More

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks

Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. T...
Read More

Wherever There's Ransomware, There's Service Account Compromise. Are You Protected?

Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent Non-Human-Ident...
Read More

New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit

The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastr...
Read More

CISA Warns of Five Vulnerabilities Actively Exploited in the Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding five critical vulnerabilities that are be...
Read More

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions

GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an ...
Read More

Cyber Attack on Security Firm Dr.Web Forces Servers Disconnection

In a recent cyberattack, Russian cybersecurity firm Doctor Web (Dr.Web) was forced to disconnect all its servers to mitigate the threat and ...
Read More

What is Block Cipher? – How it Works, Definition & Types

Block ciphers are a fundamental component of modern cryptography, crucial in securing data across various digital platforms. Unlike stream c...
Read More

GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging

The GSM Association, the governing body that oversees the development of the Rich Communications Services (RCS) protocol, on Tuesday, said i...
Read More

Chrome 129 Released With Fix for 9 Security Flaws

Google has announced the release of Chrome 129, which is now available on the stable channel for Windows, Mac, and Linux users. This update ...
Read More

VMware vCenter Server Vulnerabilities Let Attackers Execute Remote Code

VMware has disclosed two critical security vulnerabilities affecting its vCenter Server and Cloud Foundation products that could allow attac...
Read More

Apple iOS 18 Released with Fixes for 32 Security Vulnerabilities

Apple has released iOS 18, addressing a total of 32 security vulnerabilities across various components of its operating system. This compreh...
Read More

PoC Exploit Ivanti Endpoint Manager Remote Code Execution Vulnerability

Ivanti Endpoint Manager, a widely used IT management software, has discovered a critical security vulnerability. CVE-2024-29847 vulnerabilit...
Read More

North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware

Cybersecurity researchers are continuing to warn about North Korean threat actors' attempts to target prospective victims on LinkedIn to...
Read More

Apple Drops Spyware Case Against NSO Group, Citing Risk of Threat Intelligence Exposure

Apple has filed a motion to "voluntarily" dismiss its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk ...
Read More

Azure API Management Vulnerability Let Users Escalate Privileges

A critical vulnerability was recently discovered in Azure API Management (APIM) that allowed users with Reader-level access to escalate thei...
Read More

New Linux Malware Exploiting Oracle Weblogic Servers

Oracle WebLogic Server is an application server that is primarily designed to develop, deploy, and manage enterprise applications based on J...
Read More

Kawasaki Europe Confirms Cyber Attack, RansomHub Claims Responsibility

Kawasaki Motors Europe (KME) has officially confirmed it was the target of a cyberattack in early September, causing temporary disruptions t...
Read More

Port of Seattle Confirms August Cyberattack by Rhysida Ransomware

The Port of Seattle has confirmed that the Rhysida ransomware gang orchestrated the cyberattack that disrupted its systems and operations in...
Read More

17-Year-Old Arrested in Connection with Cyber Attack Affecting Transport for London

British authorities on Thursday announced the arrest of a 17-year-old male in connection with a cyber attack affecting Transport for London ...
Read More

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw

Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress ...
Read More

SquareX, Awarded Rising Star Category in CybersecAsia Readers’ Choice Awards 2024

SquareX has been named a winner of the prestigious Rising Star category in CybersecAsia Readers’ Choice Awards 2024 Awards, due to its outst...
Read More

Threat Actor Claims Fortinet Data Breach via Third-Party Service

A threat actor claimed unauthorized access to a third-party cloud-based file-sharing service used by Fortinet. The incident reportedly affec...
Read More

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. ...
Read More

Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe

The Irish Data Protection Commission (DPC) has announced that it has commenced a "Cross-Border statutory inquiry" into Google'...
Read More

Criminal IP Teams Up with IPLocation.io to Deliver Unmatched IP Solutions to Global Audiences

Criminal IP, a distinguished leader in Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, announced that it has successful...
Read More

Kali Linux 2024.3 Released with 11 New Hacking Tools

The Kali Linux team has released Kali Linux 2024.3, the latest iteration of their popular penetration testing and ethical hacking distributi...
Read More

What is Buffer Overflow?

Buffer overflow is a critical vulnerability in computer security that has persisted for decades. Despite technological advancements and secu...
Read More

Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware

Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding as...
Read More

Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities

Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilit...
Read More

Microsoft Security Update, 4 Zero-days & 79 Vulnerabilities Fixed

Microsoft’s September 2024 Patch Tuesday has addressed a significant number of security vulnerabilities, including four zero-day exploits an...
Read More

Information Security Magazine

Latest Cyber Hacking News