CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities (KEV)...
News
Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware
Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate...
FCC Enforces Stronger Rules to Protect Customers Against SIM Swapping Attacks
The U.S. Federal Communications Commission (FCC) is adopting new rules that aim to protect consumers from cell phone account scams...
Discover 2023’s Cloud Security Strategies in Our Upcoming Webinar – Secure Your Spot
In 2023, the cloud isn't just a technology—it's a battleground. Zenbleed, Kubernetes attacks, and sophisticated APTs are just the tip...
U.S. Cybersecurity Agencies Warn of Scattered Spider’s Gen Z Cybercrime Ecosystem
U.S. cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that's known...
27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts
An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six...
New Samsung data breach impacts UK store customers
Samsung Electronics is notifying some of its customers of a data breach that exposed their personal information to an unauthorized...
How DDoS attacks are taking down even the largest tech companies
Distributed Denial of Service (DDoS) attacks certainly come to mind when considering cyberattacks that can cause widespread outages and service...
Toyota confirms breach after Medusa ransomware threatens to leak data
Toyota Financial Services (TFS) has confirmed that it detected unauthorized access on some of its systems in Europe and Africa...
Fortinet warns of critical command injection bug in FortiSIEM
Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by...
Long Beach, California turns off IT systems after cyberattack
The Californian City of Long Beach is warning that they suffered a cyberattack on Tuesday that has led them to...
MySQL servers targeted by ‘Ddostf’ DDoS-as-a-Service botnet
MySQL servers are being targeted by the 'Ddostf' malware botnet to enslave them for a DDoS-as-a-Service platform whose firepower is...
FBI shares tactics of notorious Scattered Spider hacker collective
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released an advisory about the evasive threat actor...
IBM WebSphere Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in IBM WebSphere Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
European Police Take Down $9m Vishing Gang
Police in Ukraine and Czechia claim to have disrupted a multimillion-dollar fraud gang who called victims impersonating bank staff, using...
Half of Ransomware Groups Operating in 2023 Are New
Almost half (29) of the 60 ransomware groups tracked by WithSecure in 2023 began operations this year, the security vendor...
BlackCat Ransomware Group Reports Victim to SEC
A prolific ransomware group appears to have reported one of its victims to the US Securities and Exchange Commission (SEC),...
Russian Hacking Group Sandworm Linked to Unprecedented Attack on Danish Critical Infrastructure
Notorious Russian nation-state threat actor Sandworm has been linked to the largest ever cyber-attack targeting critical infrastructure in Denmark.The incident...
Black Friday: Malwarebytes Warns of Credit Card Skimming Surge
With Black Friday and Cyber Monday around the corner, anti-malware provider Malwarebytes has warned about the rise of credit card...
Cyber-Criminals Exploit Gaza Crisis With Fake Charity
Cybersecurity researchers have uncovered a charity attack exploiting the ongoing events in Gaza and Israel. Cyber-criminals targeted 212 individuals across...
CSA Launches First Zero Trust Certification
The Cloud Security Alliance (CSA) has introduced the Certificate of Competence in Zero Trust (CCZT), the industry’s inaugural authoritative zero...
US-CERT Vulnerability Summary for the Week of November 6, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info1e -- platformThe 1E-Exchange-URLResponseTime instruction that is part of the Network product...
Three Ways Varonis Helps You Fight Insider Threats
What do basketball teams, government agencies, and car manufacturers have in common? Each one has been breached, having confidential, proprietary,...
Russian Hackers Linked to ‘Largest Ever Cyber Attack’ on Danish Critical Infrastructure
Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure,"...
