TA866 Resurfaces in Targeted OneDrive Campaign
Cybersecurity researchers at Proofpoint have identified the resurgence of TA866 in email threat campaigns after a hiatus of nine months. Writing...
News
New Malware Campaign Exploits 9hits in Docker Assault
Security researchers have uncovered a novel cyber-attack campaign targeting vulnerable Docker services. The attacks mark the first documented case of...
Iranian Phishing Campaign Targets Israel-Hamas War Experts
Iran-linked threat actors are targeting high-profile researchers working on the Israel-Hamas conflict via a sophisticated social engineering campaign, according to...
Illicit Cryptocurrency Flows Drop 39% in 2023
The value of cryptocurrency flowing into illicit addresses in 2023 was nearly two-fifths lower than the figure a year previously,...
New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic
Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner...
Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver...
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to...
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified...
MFA Spamming and Fatigue: When Security Measures Go Wrong
In today's digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To...
Citrix Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
Microsoft Edge Multiple Vulnerabilities
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
This Free Discovery Tool Finds and Mitigates AI-SaaS Risks
Wing Security announced today that it now offers free discovery and a paid tier for automated control over thousands of...
Ishutdown Scripts Can Help Detect Ios Spyware On Your Iphone
Security researchers found that infections with high-profile spyware Pegasus, Reign, and Predator could be discovered on compromised Apple mobile devices...
Amd Apple Qualcomm Gpus Leak Ai Data In Leftoverlocals Attacks
A new vulnerability dubbed 'LeftoverLocals' affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from...
Microsoft Iranian Hackers Target Researchers With New Mediapl Malware
Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe...
Bigpanzi Botnet Infects 170 000 Android Tv Boxes With Malware
A previously unknown cybercrime syndicate named 'Bigpanzi' has been making significant money by infecting Android TV and eCos set-top boxes...
Cisa Pushes Federal Agencies To Patch Citrix Rce Within A Week
Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days...
Wazuh Building Robust Cybersecurity Architecture With Open Source Tools
Cybersecurity architecture refers to the design and structure of an organization's approach to securing its information systems. It outlines the...
Have I Been Pwned Adds 71 Million Emails From Nazapi Stolen Account List
Have I Been Pwned has added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to...
Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts
High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and...
Active Exploitation of Zero-Day Vulnerability in Google Chrome
Google has released security updates addressing a zero-day vulnerability (CVE-2024-0519) in their Chrome browser on Windows, Mac and Linux systems....
Critical Vulnerabilities in Siemens Products
Siemens has released security updates addressing critical vulnerabilities (CVE-2023-51438 and CVE-2023-49621) in their SIMATIC IPC and SIMATIC NC 4100 products. The...
Active Exploitation of Zero-Day Vulnerability in Citrix’s Netscaler ADC and Gateway Products
Citrix has released security updates addressing a zero-day vulnerability (CVE-2023-6549) in their Netscaler ADC and Gateway products. The vulnerability is...
Active Exploitation of Critical Vulnerability in VMware’s Aria Automation
VMware has released security updates addressing a critical vulnerability (CVE-2023-34063) in VMware Aria Automation. The vulnerability has a Common Vulnerability...
