US ARPA-H Initiative Counters Healthcare Cyber-Threats
In a bid to counter cyber-attacks targeting the US healthcare system, the Advanced Research Projects Agency for Health (ARPA-H), operating...
Month: August 2023
MOVEit Exploitation Fallout Drives Record Ransomware Attacks
Ransomware attacks hit record levels in July 2023, driven by the Clop gang’s exploitation of the MOVEit vulnerability, according to...
Cyber-Attack on Australian Utility Firm Energy One Spreads to UK Systems
A cyber-attack on Australian utility company, Energy One Limited (EOL), could have international impact with the firm’s corporate systems in...
Experian Pays $650,000 to Settle Spam Claims
Experian Consumer Services has agreed to a permanent injunction and to pay a civil penalty of $650,000 to settle allegations...
Critical Insight Report: 15% Drop in Breaches, 31% Surge in Victims
Cybersecurity-as-a-Service provider Critical Insight has unveiled its 2023 H1 Healthcare Data Breach Report, offering insights into the cybersecurity landscape of...
TP-Link Smart Bulb Spills Wi-Fi Passwords
Security researchers from Italy and London have discovered several vulnerabilities in a popular brand of smart light bulbs, which could...
Scarab Ransomware Deployed Worldwide Via Spacecolon Toolset
Cybersecurity researchers from ESET have uncovered a malicious toolset named Spacecolon that has been deployed to spread variants of the...
Doubling of Identity Theft Victims With Suicidal Thoughts
Some 16% of American identity theft victims have had suicidal thoughts following their experiences, up from just 8% in 2020,...
Artificial Intelligence and USBs Drive 8% Rise in Cyber-Attacks
Check Point Research has released its 2023 Mid-Year Security Report. The research reveals a concerning 8% surge in global weekly...
WinRAR Vulnerability Affects Traders Worldwide
Cybersecurity researchers have exposed a zero-day vulnerability (CVE-2023-38831) in the popular WinRAR compression tool, which cyber-criminals have exploited to target...
XLoader MacOS Malware Variant Returns With OfficeNote Facade
The notorious XLoader malware has resurfaced, posing as a seemingly innocuous office productivity app named “OfficeNote.”Known for its malicious activities...
Duolingo – 2,676,696 breached accounts
HIBP In August 2023, 2.6M records of data scraped from Duolingo were broadly distributed on a popular hacking forum. Obtained...
US-CERT Vulnerability Summary for the Week of August 14, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infofoldingathome -- client_advanced_controlAn issue was discovered in FoldingAtHome Client Advanced Control GUI...
Evil QR – Proof-of-concept To Demonstrate Dynamic QR Swap Phishing Attacks In Practice
Toolkit demonstrating another approach of a QRLJacking attack, allowing to perform remote account takeover, through sign-in QR code phishing. It...
Meta Set to Enable Default End-to-End Encryption on Messenger by Year End
Meta has once again reaffirmed its plans to roll out support for end-to-end encryption (E2EE) by default for one-to-one friends...
North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns
The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to...
Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead
Developers are not the only people who have adopted the agile methodology for their development processes. From 2023-06-15 to 2023-07-11,...
Spacecolon Toolset Fuels Global Surge in Scarab Ransomware Attacks
A malicious toolset dubbed Spacecolon is being deployed as part of an ongoing campaign to spread variants of the Scarab...
Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware
A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. "These RATs...
TPLink Smart bulb Tapo series L530 and Tapo Application information disclosure | CVE-2023-38906
NAME__________TPLink Smart bulb Tapo series L530 and Tapo Application information disclosurePlatforms Affected:TPLink Smart bulb Tapo series L530 1.0.0 TPLink Tapo...
IBM Robotic Process Automation information disclosure | CVE-2023-40370
NAME__________IBM Robotic Process Automation information disclosurePlatforms Affected:IBM Robotic Process Automation 21.0.0 IBM Robotic Process Automation 21.0.7.1Risk Level:3.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Robotic...
TPLink Smart bulb Tapo series L530 and Tapo Application information disclosure | CVE-2023-38909
NAME__________TPLink Smart bulb Tapo series L530 and Tapo Application information disclosurePlatforms Affected:TPLink Smart bulb Tapo series L530 1.0.0 TPLink Tapo...
Puma HTTP request smuggling | CVE-2023-40175
NAME__________Puma HTTP request smugglingPlatforms Affected:Puma Puma 5.6.6 Puma Puma 6.3.0Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Puma is vulnerable to HTTP request smuggling, caused...
EnterpriseDB Postgres Advanced Server UTL_ENCODE information disclosure |
NAME__________EnterpriseDB Postgres Advanced Server UTL_ENCODE information disclosurePlatforms Affected:EnterpriseDB Postgres Advanced Server 11.21 EnterpriseDB Postgres Advanced Server 12.16 EnterpriseDB Postgres Advanced...
