MPs Dangerously Uninformed About Facial Recognition – Report
Most British lawmakers are unaware or misinformed about how and where facial recognition technology (FRT) is being used, and the...
News
ICBC and Allen & Overy Hit By Ransomware
Two giants of the banking and legal sectors have been breached by suspected ransomware actors, according to reports.Allen & Overy...
US-CERT Vulnerability Summary for the Week of October 30, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocontec -- solarview_compact_firmwareAn issue in Contec SolarView Compact v.6.0 and before allows...
Alert: ‘Effluence’ Backdoor Persists Despite Patching Atlassian Confluence Servers
Cybersecurity researchers have discovered a stealthy backdoor named Effluence that's deployed following the successful exploitation of a recently disclosed security...
Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes
The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage...
Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan
Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of...
The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization....
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate...
Iran-Linked Imperial Kitten Cyber Group Targeting Middle East’s Tech Sectors
A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October...
OpenAI confirms DDoS attacks behind ongoing ChatGPT outages
OpenAI has been addressing "periodic outages" due to DDoS attacks targeting its API and ChatGPT services within the last 24...
Google ads push malicious CPU-Z app from fake Windows news site
A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the...
Kyocera AVX says ransomware attack impacted 39,000 individuals
Kyocera AVX Components Corporation (KAVX) is sending notices of a data breach exposing personal information of 39,111 individuals following a...
Industrial and Commercial Bank of China hit by ransomware attack
Image: Adrian Grycuk/CC BY-SA 3.0 PL The Industrial & Commercial Bank of China (ICBC) is restoring systems and services following...
Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks
Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and...
Russian hackers switch to LOTL technique to cause power outage
Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the...
US-CERT Vulnerability Summary for the Week of October 30, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocontec -- solarview_compact_firmwareAn issue in Contec SolarView Compact v.6.0 and before allows...
Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
The threat actor known as Lace Tempest has been linked to the exploitation of a zero-day flaw in SysAid IT...
MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel
Iranian nation-state actors have been observed using a previously undocumented command-and-control (C2) framework called MuddyC2Go as part of attacks targeting...
When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules
While intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information...
CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP)...
WhatsApp Introduces New Privacy Feature to Protect IP Address in Calls
Meta-owned WhatsApp is officially rolling out a new privacy feature in its messaging service called "Protect IP Address in Calls"...
BlueNoroff hackers backdoor Macs with new ObjCShellz malware
The North Korean-backed BlueNorOff threat group targets Apple customers with new macOS malware tracked as ObjCShellz that can open remote...
Fake Ledger Live app in Microsoft Store steals $768,000 in crypto
Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at...
TransForm says ransomware data breach affects 267,000 patients
Shared service provider TransForm has published an update on the cyberattack that recently impacted operations in multiple hospitals in Ontario,...
