Undetected Android Trojan Expands Attack on Iranian Banks
Security researchers have uncovered the continuation and expansion of an Android mobile banking Trojan campaign targeting major Iranian banks. Initially discovered...
News
Ardent Health Services Grapples With Ransomware Disruption
Ardent Health Services and its affiliated entities discovered a cybersecurity incident on the morning of November 23 2023, confirming it to...
How to Handle Retail SaaS Security on Cyber Monday
If forecasters are right, over the course of today, consumers will spend $13.7 billion. Just about every click, sale, and...
N. Korean Hackers ‘Mixing’ macOS Malware Tactics to Evade Detection
The North Korean threat actors behind macOS malware strains such as RustBucket and KANDYKORN have been observed "mixing and matching"...
Experts Uncover Passive Method to Extract Private RSA Keys from SSH Connections
A new study has demonstrated that it's possible for passive network attackers to obtain private RSA host keys from a...
How Hackers Phish for Your Users’ Credentials and Sell Them
Account credentials, a popular initial access vector, have become a valuable commodity in cybercrime. As a result, a single set...
Stop Identity Attacks: Discover the Key to Early Threat Detection
Identity and Access Management (IAM) systems are a staple to ensure only authorized individuals or entities have access to specific...
Hackers Can Exploit ‘Forced Authentication’ to Steal Windows NTLM Tokens
Cybersecurity researchers have discovered a case of "forced authentication" that could be exploited to leak a Windows user's NT LAN...
Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine
A coordinated law enforcement operation has led to the arrest of key individuals in Ukraine who are alleged to be...
Transform Your Data Security Posture – Learn from SoFi’s DSPM Success
As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl...
US-CERT Vulnerability Summary for the Week of November 20, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoadobe -- after_effectsAdobe After Effects version 24.0.2 (and earlier) and 23.6 (and...
Introducing the guidelines for secure AI
Introducing the guidelines for secure AI Artificial Intelligence (AI) systems have the potential to bring many benefits to society. However,...
US-CERT Vulnerability Summary for the Week of November 20, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoadobe -- after_effectsAdobe After Effects version 24.0.2 (and earlier) and 23.6 (and...
New Rust-based SysJoker backdoor linked to Hamas hackers
A new version of the multi-platform malware known as 'SysJoker' has been spotted, featuring a complete code rewrite in the...
US-CERT Vulnerability Summary for the Week of November 13, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocheckpoint -- endpoint_securityLocal attacker can escalate privileges on affected installations of Check...
Atomic Stealer malware strikes macOS via fake browser updates
The 'ClearFake' fake browser update campaign has expanded to macOS, targeting Apple computers with Atomic Stealer (AMOS) malware. The ClearFake...
General Electric investigates claims of cyber attack, data theft
General Electric is investigating claims that a threat actor breached the company's development environment in a cyberattack and leaked allegedly...
US-CERT Vulnerability Summary for the Week of November 13, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocheckpoint -- endpoint_securityLocal attacker can escalate privileges on affected installations of Check...
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to...
New ‘HrServ.dll’ Web Shell Detected in APT Attack Targeting Afghan Government
An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what's suspected to...
Critical bug in ownCloud file sharing app exposes admin passwords
Open source file sharing software ownCloud is warning of three critical-severity security vulnerabilities, including one that can expose administrator passwords...
Cyberattack on IT provider CTS impacts dozens of UK law firms
A cyberattack on CTS, a leading managed service provider (MSP) for law firms and other organizations in the UK legal...
UK and South Korea: Hackers use zero-day in supply-chain attack
The National Cyber Security Centre (NCSC) and Korea's National Intelligence Service (NIS) warn that the North Korean Lazarus hacking group...
Cyber-Attack Disrupts UK Property Deals
House sales and purchases across the UK have been disrupted by a cyber-attack affecting multiple conveyancing firms.CTS, a legal sector...
