Critical Vulnerability in WordPress Backup Migration Plugin
WordPress has released updates addressing a critical vulnerability (CVE-2023-6553) in their Backup Migration plugin. The vulnerability has a Common Vulnerability...
News
Technology Manufacturers Urged to Eliminate Passwords
The US Cybersecurity and Infrastructure Security Agency (CISA) has published a two-point plan urging technology manufacturers to get rid of...
MongoDB Investigates Customer Account Data Breach
Database provider MongoDB has alerted customers to a data breach in which some account and contact information was compromised.An email...
ALPHV Second Most Prominent Ransomware Strain Before Reported Downtime
ALPHV was the second-most leveraged ransomware strain in North America and Europe between January 2022 and October 2023, just before...
Insurer’s UK Honeypots Attacked 17 Million Times Per Day
Legacy vulnerabilities and Remote Desktop Protocol (RDP) endpoints are being singled out by attackers, according to new data based on...
MOVEit Vulnerability Hits Delta Dental: 7 Million Records Exposed
Delta Dental of California and affiliates disclosed a data breach following a global security incident linked to the vulnerability in MOVEit...
Qakbot’s Low-Volume Resurgence Targets Hospitality
Cybersecurity researchers spotted new Qakbot activity targeting the hospitality industry last week.According to a Saturday post on X (formerly Twitter)...
Top 7 Trends Shaping SaaS Security in 2024
Over the past few years, SaaS has developed into the backbone of corporate IT. Service businesses, such as medical practices,...
Rhadamanthys Malware: Swiss Army Knife of Information Stealers Emerges
The developers of the information stealer malware known as Rhadamanthys are actively iterating on its features, broadening its information-gathering capabilities...
Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits
Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to...
Unmasking the Dark Side of Low-Code/No-Code Applications
Low-code/no-code (LCNC) and robotic process automation (RPA) have gained immense popularity, but how secure are they? Is your security team...
Active Exploitation of Zero-Day Vulnerability in QNAP VioStor Network Video Recorder (NVR)
QNAP has released security updates to address a zero-day vulnerability (CVE-2023-47565) in their NVR products. The vulnerability is reportedly being...
Critical Vulnerability in WordPress Backup Migration Plugin
WordPress has released updates addressing a critical vulnerability (CVE-2023-6553) in their Backup Migration plugin. The vulnerability has a Common Vulnerability...
QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry
A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law...
Four U.S. Nationals Charged in $80 Million Pig Butchering Crypto Scam
Four U.S. nationals have been charged for participating in an illicit scheme that earned them more than $80 million via...
MongoDB Suffers Security Breach, Exposing Customer Data
MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems,...
New Security Vulnerabilities Uncovered in pfSense Firewall Software – Patch Now
Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by...
China’s MIIT Introduces Color-Coded Action Plan for Data Security Incidents
China's Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data security...
New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks
A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert...
Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds
Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it's tracking as Storm-0539 for orchestrating...
CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems...
Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft
Crypto hardware wallet maker Ledger published a new version of its "@ledgerhq/connect-kit" npm module after unidentified threat actors pushed malicious...
Qbot Malware Returns In Campaign Targeting Hospitality Industry
The QakBot malware is once again being distributed in phishing campaigns after the botnet was disrupted by law enforcement over...
WordPress Hosting Service Kinsta Targeted By Google Phishing Ads
WordPress hosting provider Kinsta is warning customers that Google ads have been observed promoting phishing sites to steal hosting credentials....
