Cisco Warns Of Critical Rce Flaw In Communications Software
Cisco is warning that several of its Unified Communications Manager (CM) and Contact Center Solutions products are vulnerable to a...
News
Iphone Apps Abuse Ios Push Notifications To Collect User Data
Numerous iOS apps are using background processes triggered by push notifications to collect user data about devices, potentially allowing the...
Blackwood Hackers Hijack Wps Office Update To Install Malware
A previously unknown advanced threat actor tracked as 'Blackwood' is using sophisticated malware called NSPX30 in cyberespionage attacks against companies...
23andme Data Breach Hackers Stole Raw Genotype Data Health Reports
Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential...
Russian Trickbot Malware Dev Sentenced To 64 Months In Prison
Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating...
Tesla Hacked Again 24 More Zero Days Exploited At Pwn2own Tokyo
Security researchers hacked the Tesla infotainment system and demoed 24 more zero-days on the second day of the Pwn2Own Automotive...
SystemBC Malware’s C2 Server Analysis Exposes Payload Delivery Tricks
Cybersecurity researchers have shed light on the command-and-control (C2) server of a known malware family called SystemBC. "SystemBC can be...
Critical Jenkins Vulnerability Exposes Servers to RCE Attacks – Patch ASAP!
The maintainers of the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software Jenkins have resolved nine security flaws, including...
LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks
Cybersecurity researchers have uncovered an updated version of a backdoor called LODEINFO that's distributed via spear-phishing attacks. The findings come...
China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware
A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests...
Cyber Threat Landscape: 7 Key Findings and Upcoming Trends for 2024
The 2023/2024 Axur Threat Landscape Report provides a comprehensive analysis of the latest cyber threats. The information combines data from...
Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach
Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise's (HPE) cloud email...
New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits
A new Go-based malware loader called CherryLoader has been discovered by threat hunters in the wild to deliver additional payloads...
Kasseika Ransomware Using BYOVD Trick to Disarm Security Pre-Encryption
The ransomware group known as Kasseika has become the latest to leverage the Bring Your Own Vulnerable Driver (BYOVD) attack...
Hpe Russian Hackers Breached Its Security Teams Email Accounts
Hewlett Packard Enterprise (HPE) disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company's Microsoft...
Global Fintech Firm Equilend Offline After Recent Cyberattack
New York-based global financial technology firm EquiLend says its operations have been disrupted after some systems were taken offline in...
How To Secure Ad Passwords Without Sacrificing End User Experience
Hackers are constantly attempting to steal passwords, with Microsoft tracking 1,287 password attacks every second in 2022. If successful, the...
Vextrio Tds Inside A Massive 70 000 Domain Cybercrime Operation
A previously unknown traffic distribution system (TDS) named 'VexTrio' has been active since at least 2017, aiding 60 affiliates in...
Uk Says Ai Will Empower Ransomware Over The Next Two Years
The United Kingdom's National Cyber Security Centre (NCSC) warns that artificial intelligence (AI) tools will have an adverse near-term impact...
Over 5 300 Gitlab Servers Exposed To Zero Click Account Takeover Attacks
Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month....
Tesla Hacked 24 Zero Days Demoed At Pwn2own Automotive 2024
Security researchers hacked a Tesla Modem and collected awards of $722,500 on the first day of Pwn2Own Automotive 2024 for...
Exploit Code Released For Critical Fortra GoAnywhere Bug
Threat actors could soon strike after a proof-of-concept exploit was published for a critical vulnerability in managed file transfer (MFT)...
AI Set to Supercharge Ransomware Threat, Says NCSC
Malicious AI use will “almost certainly” drive an increase in the volume and impact of cyber-attacks over the next two...
Why Bulletproof Hosting is Key to Cybercrime-as-a-Service
The emergence of cybercrime-as-a-service (RaaS) has lowered the entry barrier into cybercrime by allowing cybercriminals to specialize in only one...
