Ivanti Vpn Appliances Vulnerable If Pushing Configs After Mitigation
Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable...
News
Apple Issues Patch for Critical Zero-Day in iPhones, Macs – Update Now
Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw...
VMware vCenter Server Multiple Vulnerabilities
Multiple vulnerabilities were identified in VMware vCenter Server. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information...
Russian Spies Brute Force Senior Microsoft Staff Accounts
Russian state hackers managed to compromise the email accounts of some of Microsoft’s senior leadership team, using basic brute-force techniques,...
CISA Emergency Directive Demands Action on Ivanti Zero-Days
A leading US security agency has issued an emergency directive requiring all of the government’s civilian federal agencies to mitigate...
Data Privacy Week: Lack of Understanding, Underfunding Threaten Data Privacy and Compliance
A lack of understanding combined with budgetary squeezes are significant obstacles for organization's navigating data privacy and compliance with data...
LoanDepot Data Breach Hits 16.6 Customers
LoanDepot, one of the largest US-based retail mortgage lenders, has confirmed that around 16.6 million of its customers have had...
New macOS Malware Targets Cracked Apps
Security researchers have discovered a new and previously unknown macOS malware that exploits pirated software to infiltrate users’ systems.The malware, distinct...
Thai Court Blocks 9near.org to Avoid Exposure of 55M Citizens
The Criminal Court in Thailand has issued an order to block the website 9near.org after it threatened to expose the...
US-CERT Vulnerability Summary for the Week of January 15, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
North Korean Hackers Weaponize Fake Research to Deliver RokRAT Backdoor
Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated...
MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries
Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a...
NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers
Cybersecurity researchers have discovered a new Java-based "sophisticated" information stealer that uses a Discord bot to exfiltrate sensitive data from...
FTC Bans InMarket for Selling Precise User Location Without Consent
The U.S. Federal Trade Commission (FTC) is continuing to clamp down on data brokers by prohibiting InMarket Media from selling...
52% of Serious Vulnerabilities We Find are Related to Windows 10
We analyzed 2,5 million vulnerabilities we discovered in our customer's assets. This is what we found. Digging into the data...
VMware vCenter Server Multiple Vulnerabilities
Multiple vulnerabilities were identified in VMware vCenter Server. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information...
Tietoevry Ransomware Attack Causes Outages For Swedish Firms Cities
Finnish IT services and enterprise cloud hosting provider Tietoevry has suffered a ransomware attack impacting cloud hosting customers in one...
Watch Out For I Cant Believe He Is Gone Facebook Phishing Posts
A widespread Facebook phishing campaign stating, "I can't believe he is gone. I'm gonna miss him so much," leads unsuspecting...
Brave To End Strict Fingerprinting Protection As It Breaks Websites
Brave Software has announced plans to deprecate the 'Strict' fingerprinting protection mode in its privacy-focused Brave Browser because it causes...
Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks
Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ...
Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years
An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has...
Researchers Link 3am Ransomware To Conti Royal Cybercrime Gangs
Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as...
Meta Wont Remove Fake Instagram Profiles That Are Clearly Catfishing
Imposters and romance scammers abusing social media to con people is hardly a novel occurrence. The problem seems to have gotten...
Court Charges Dev With Hacking After Cybersecurity Issue Disclosure
A German court has charged a programmer investigating an IT problem with hacking and fined them €3,000 ($3,265) for what...
