Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes
Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by...
News
New Hunters International ransomware possible rebrand of Hive
A new ransomware-as-a-service brand named Hunters International has emerged using code used by the Hive ransomware operation, leading to the...
Pirate IPTV network in Austria dismantled and $1.74 million seized
The Austrian police have arrested 20 people across the country linked to an illegal IPTV network that, between 2016 and...
US-CERT Vulnerability Summary for the Week of October 16, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info1e -- platformAffected 1E Platform versions have a Blind SQL Injection vulnerability...
Hackers email stolen student data to parents of Nevada school district
Image: CCSD The Clark County School District (CCSD) in Nevada is dealing with a potentially massive data breach, as hackers...
HackerOne paid ethical hackers over $300 million in bug bounties
HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability...
US-CERT Vulnerability Summary for the Week of October 16, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info1e -- platformAffected 1E Platform versions have a Blind SQL Injection vulnerability...
Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service
New findings have shed light on what's said to be a lawful attempt to covertly intercept traffic originating from jabberru...
Lazarus hackers breached dev repeatedly to deploy SIGNBT malware
The North Korean Lazarus hacking group repeatedly compromised a software vendor using flaws in vulnerable software despite multiple patches and warnings...
F5 fixes BIG-IP auth bypass allowing remote code execution attacks
A critical vulnerability in the F5 BIG-IP configuration utility, tracked as CVE-2023-46747, allows an attacker with remote access to the...
The Week in Ransomware – October 27th 2023 – Breaking Records
Ransomware attacks are increasing significantly, with reports indicating that last month was a record month for ransomware attacks in 2023....
Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto
The Pwn2Own Toronto 2023 hacking competition has ended with security researchers earning $1,038,500 for 58 zero-day exploits (and multiple bug...
CISO Best Practices for Managing Cyber Risk
Leading CISOs have offered best practices for security leaders on how to manage cyber risks effectively during the ISC2 Security...
CISOs Can Elevate Their Role with New Cyber Regulations
New cybersecurity rules and regulations offer security leaders a great opportunity to elevate their role at their organizations, boosting security...
Microsoft Sounds Alarm Over English-Speaking Octo Tempest
Microsoft has described the Octo Tempest (aka Scattered Spider, 0ktapus, UNC3944) group as “one of the most dangerous financial criminal...
Security Agency Rolls Out Protective DNS for Schools
The UK’s National Cyber Security Centre (NCSC) has announced the launch of a new offering designed to prevent school users...
#ISC2Congress: Generative AI A Boon for Organizations Despite the Risks, Experts Say
Generative AI is too beneficial to abandon despite the threats it poses to organizations, according to experts speaking at the...
Nigerian Police Dismantle Major Cybercrime Hub
Nigerian police have uncovered and shut down a cybercrime recruitment and training center in the country’s capital.A post on X...
US-CERT Vulnerability Summary for the Week of October 16, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info1e -- platformAffected 1E Platform versions have a Blind SQL Injection vulnerability...
N. Korean Lazarus Group Targets Software Vendor Using Known Flaws
The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was...
Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats
Google has announced that it's expanding its Vulnerability Rewards Program (VRP) to compensate researchers for finding attack scenarios tailored to...
F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution
F5 has alerted customers of a critical security vulnerability impacting BIG-IP that could result in unauthenticated remote code execution. The...
How to Keep Your Business Running in a Contested Environment
When organizations start incorporating cybersecurity regulations and cyber incident reporting requirements into their security protocols, it's essential for them to...
Cloudflare sees surge in hyper-volumetric HTTP DDoS attacks
Cloudflare says the number of hyper-volumetric HTTP DDoS (distributed denial of service) attacks recorded in the third quarter of 2023...
