CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
Month: July 2023
CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments
CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on July 25, 2023. These...
CISA: CISA Releases Malware Analysis Reports on Barracuda Backdoors
CISA Releases Malware Analysis Reports on Barracuda Backdoors CISA has published three malware analysis reports on malware variants associated with...
CISA: CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse
CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse The Australian Signals Directorate’s Australian Cyber...
CISA: Ivanti Releases Security Updates for EPMM to address CVE-2023-35081
Ivanti Releases Security Updates for EPMM to address CVE-2023-35081 Ivanti has identified and released patches for a directory traversal vulnerability(link...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on July 27, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
ALPHV ransomware adds data leak API in new extortion strategy
Image: Bing Create The ALPHV ransomware gang, also referred to as BlackCat, is trying to put more pressure on their...
New Nitrogen malware pushed via Google Ads for ransomware attacks
A new 'Nitrogen' initial access malware campaign uses Google and Bing search ads to promote fake software sites that infect...
NATO investigates alleged data theft by SiegedSec hackers
NATO has confirmed that its IT team is investigating claims about an alleged data-theft hack on the Communities of Interest...
Mysterious Decoy Dog malware toolkit still lurks in DNS shadows
Image: Bing Create New details have emerged about Decoy Dog, a largely undetected sophisticated toolkit likely used for at least...
Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws
Two Linux vulnerabilities introduced recently into the Ubuntu kernel create the potential for unprivileged local users to gain elevated privileges...
Swiss visa appointments cancelled in UK due to ‘IT incident’
All appointments for Swiss (Schengen) tourist and transit visas have been cancelled across the UK. TLScontact, the Swiss government's chosen IT...
8 million people hit by data breach at US govt contractor Maximus
U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to...
Lazarus hackers linked to $60 million Alphapo cryptocurrency heist
Blockchain analysts blame the North Korean Lazarus hacking group for a recent attack on payment processing platform Alphapo where the...
SEC now requires companies to disclose cyberattacks in 4 days
The U.S. Securities and Exchange Commission has adopted new rules requiring publicly traded companies to disclose cyberattacks within four business...
SSNDOB cybercrime market admin faces 15 years after pleading guilty
A Ukrainian man, Vitalii Chychasov, has pleaded guilty in the United States to conspiracy to commit access device fraud and...
CoinsPaid blames Lazarus hackers for theft of $37,300,000 in crypto
Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in...
WordPress Ninja Forms plugin flaw lets hackers steal submitted data
Popular WordPress form-building plugin Ninja Forms contains three vulnerabilities that could allow attackers to achieve privilege escalation and steal user...
Zimbra patches zero-day vulnerability exploited in XSS attacks
Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting...
BreachForums database and private chats for sale in hacker data breach
While consumers are usually the ones worried about their information being exposed in data breaches, it's now the hacker's turn,...
Supply Chain Attack Hits NHS Ambulance Trusts
A cyber-attack on an NHS supplier has left two ambulance trusts serving millions of people without access to electronic patient...
NCSC Publishes New Guidance on Shadow IT
The UK’s leading cybersecurity agency has released new guidance for system owners and technical staff on how to manage shadow...
