New SLAM attack steals sensitive data from AMD, future Intel CPUs
Academic researchers developed a new side-channel attack called SLAM that exploits hardware features designed to improve security in upcoming CPUs...
News
Russian APT28 Exploits Outlook Bug to Access Exchange
A prolific Russian state-sponsored APT group is actively exploiting a known vulnerability in Outlook to access email accounts in Exchange...
US Federal Agencies Miss Deadline for Incident Response Requirements
Although US federal agencies have made progress in preparing for and responding to cyber threats, too many have failed to...
Porn Age Checks Threaten Security and Privacy, Report Warns
New legal requirements to check users’ ages before they can access pornography online could create serious security and privacy risks,...
Sellafield Accused of Covering Up Major Cyber Breaches
A UK facility containing the world’s largest stockpile of civil plutonium has been breached by hackers linked to Russia and...
Disney+ Cyber Scheme Exposes New Impersonation Attack Tactics
Brand impersonation in cyber-attacks has reached new levels of sophistication, a recent research article by Abnormal Security has highlighted. Traditionally observed in...
Police Arrest 1000 Suspected Money Mules
Global law enforcers have arrested just over 1000 individuals suspected of money laundering, and identified thousands more, in a new...
UK FCA Warns of Christmas Loan Fee Fraud Surge
The UK’s financial regulator has warned UK households struggling with the high cost of living to be on the lookout...
SpyLoan Scams Target Android Users With Deceptive Apps
Security researchers have uncovered a surge in deceptive Android loan apps since the beginning of 2023. These applications, posing as legitimate...
78% of CISOs Concerned About AppSec Manageability
A substantial 78% of CISOs have expressed concerns about the current unmanageability of application security (AppSec) attack surfaces, emphasizing the...
Trojan-Proxy Threat Expands Across macOS, Android and Windows
Security researchers have identified a new threat involving cracked applications distributed by unauthorized websites, concealing a Trojan-Proxy designed to compromise...
Deutsche Wohnen Ruling Set to Drive Up GDPR Fines
Legal experts have warned that a “landmark” ruling by the European Court of Justice (ECJ) could have major financial ramifications...
LockBit Remains Top Global Ransomware Threat
The LockBit ransomware strain continues to be the primary digital extortion threat to all regions, and almost all industries globally,...
US-CERT Vulnerability Summary for the Week of November 27, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoapache -- dolphinschedulerExposure of Sensitive Information to an Unauthorized Actor vulnerability in...
SpyLoan Android malware on Google Play downloaded 12 million times
More than a dozen malicious loan apps, which are generically named SpyLoan, have been downloaded more than 12 million times this...
Multiple NFT collections at risk by flaw in open-source library
A vulnerability in an open-source library that is common across the Web3 space impacts the security of pre-built smart contracts,...
Holiday Hackers: How to Safeguard Your Service Desk
Hackers really don’t take holidays, but they will take advantage of them. Consumer traffic rises sharply during the holidays. Correspondingly,...
Hackers breach US govt agencies using Adobe ColdFusion exploit
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified...
Kali Linux 2023.4 released with GNOME 45 and 15 new tools
Kali Linux 2023.4, the fourth and final version of 2023, is now available for download, with fifteen new tools and...
HTC Global Services confirms cyberattack after data leaked online
IT services and business consulting company HTC Global Services has confirmed that they suffered a cyberattack after the ALPHV ransomware...
New AeroBlade hackers target aerospace sector in the U.S.
A previously unknown cyber espionage hacking group named 'AeroBlade' was discovered targeting organizations in the United States aerospace sector. The...
Stealthier version of P2Pinfect malware targets MIPS devices
The latest variants of the P2Pinfect botnet are now focusing on infecting devices with 32-bit MIPS (Microprocessor without Interlocked Pipelined...
December Android updates fix critical zero-click RCE flaw
Google announced today that the December 2023 Android security updates tackle 85 vulnerabilities, including a critical severity zero-click remote code...
Tipalti investigates claims of data stolen in ransomware attack
Updated 12/4/23 to include information from Roblox. Tipalti says they are investigating claims that the ALPHV ransomware gang breached its network...
