Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities
Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat...
News
CISA Warns of Active Exploitation of Critical Flaws in Apple iOS and macOS
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and...
Unleashing the power of cloud with containerisation
Unleashing the power of cloud with containerisation One question that the NCSC is often asked, is whether to use containers...
Fbi Disrupts Chinese Botnet By Wiping Malware From Infected Routers
The FBI has disrupted the KV Botnet used by Chinese Volt Typhoon state hackers to evade detection during attacks targeting...
Cisa Warns Of Patched Iphone Kernel Bug Now Exploited In Attacks
CISA warned today that a patched kernel security flaw affecting Apple iPhones, Macs, TVs, and watches is now being actively...
Exploit Released For Android Local Elevation Flaw Impacting 7 Oems
A proof-of-concept (PoC) exploit for a local privilege elevation flaw impacting at least seven Android original equipment manufacturers (OEMs) is...
Europcar Denies Data Breach Of 50 Million Users Says Data Is Fake
Car rental company Europcar says it has not suffered a data breach and that shared customer data is fake after...
Cisa Vendors Must Secure Soho Routers Against Volt Typhoon Attacks
CISA has urged manufacturers of small office/home office (SOHO) routers to ensure their devices' security against ongoing attacks attempting to hijack...
Ivanti Warns Of New Connect Secure Zero Day Exploited In Attacks
Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day...
Hackers Push Usb Malware Payloads Via News Media Hosting Sites
A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub,...
Johnson Controls Says Ransomware Attack Cost 27 Million Data Stolen
Johnson Controls International has confirmed that a September 2023 ransomware attack cost the company $27 million in expenses and led...
City Cyber Taskforce Launches to Secure Corporate Finance
Two of the UK’s leading accounting and security bodies are teaming up with others to launch a new taskforce today...
US Sanctions Egyptian IT Experts Aiding ISIS in Cybersecurity
The US government has announced sanctions against two Egyptian IT experts for providing cybersecurity support and training to the terrorist...
Citibank Sued For Failing to Protect Fraud Victims
New York’s attorney general, Letitia James, yesterday launched legal action against one of America’s biggest banks for allegedly failing to...
Pawn Storm’s Stealthy Net-NTLMv2 Assault Revealed
Pawn Storm, an advanced persistent threat (APT) actor also known as APT28, has been targeting high-value entities globally, employing a...
EU Launches First Cybersecurity Certification for Digital Products
The EU has adopted its first Cybersecurity Certification scheme as part of efforts to boost cybersecurity of IT products and...
Sysdig Report Exposes 91% Failure in Runtime Scans
A substantial 91% of runtime scans are failing within organizations, signaling a significant reliance on identifying issues rather than preventing...
US Senators Propose Cybersecurity Agriculture Bill
A new bipartisan bill proposed by two US Senators looks to bolster the cybersecurity of the food and agriculture sector....
RunC Flaws Enable Container Escapes, Granting Attackers Host Access
Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to...
Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation
Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is...
Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware
A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target...
The SEC Won’t Let CISOs Be: Understanding New SaaS Cybersecurity Rules
The SEC isn't giving SaaS a free pass. Applicable public companies, known as "registrants," are now subject to cyber incident...
Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware
Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an...
Hackers Exploiting Ivanti VPN Flaws to Deploy KrustyLoader Malware
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited...
