Mozilla Products Remote Code Execution Vulnerability
A vulnerability was identified in Mozilla Products. A remote attacker could exploit some of these vulnerabilities to denial of service...
News
Cybersecurity Awareness Month Celebrates 20 Years
Cybersecurity Awareness Month was founded in 2004 and this year sees the initiative celebrate 20 years of raising awareness of...
Data Theft Overtakes Ransomware as Top Concern for IT Decision Makers
Data theft is a primary concern for IT decision makers, ahead of ransomware attacks, according to a survey conducted by...
Cigna Agrees $172m Payment to Settle Fraud Allegations
A leading health insurer has agreed to pay over $172m to resolve charges it seriously violated the False Claims Act...
Royal Family Website Downed by DDoS Attack
The official website of the UK’s royal family was taken offline by a distributed denial of service (DDoS) attack on...
AI-Generated Phishing Emails Almost Impossible to Detect, Report Finds
The potential for cybercriminals to use AI chatbots to create phishing campaigns has been cause for concern and now it...
FBI Warns of Dual Ransomware Attacks and Data Destruction Trends
The US Federal Bureau of Investigation (FBI) has issued a Private Industry Notification highlighting two concerning trends in the world...
BunnyLoader Malware Targets Browsers and Cryptocurrency
Zscaler ThreatLabz has identified a newly emerging Malware-as-a-Service (MaaS) threat known as "BunnyLoader," available on underground forums. The tool, priced...
Nearly 100,000 Industrial Control Systems Exposed to the Internet
Thousands of organizations around the world are using industrial control systems (ICS) exposed to the public internet, new analysis from...
US-CERT Vulnerability Summary for the Week of September 25, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoaccusoft -- imagegearAn out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of...
Meet LostTrust ransomware — A likely rebrand of the MetaEncryptor gang
The LostTrust ransomware operation is believed to be a rebrand of MetaEncryptor, utilizing almost identical data leak sites and encryptors....
Amazon sends Mastercard, Google Play gift card order emails by mistake
10/1/23 update adds Amazon statement below. Amazon mistakenly sent out purchase confirmation emails for Hotels.com, Google Play, and Mastercard gift...
New Marvin attack revives 25-year-old decryption flaw in RSA
A flaw related to the PKCS #1 v1.5 padding in SSL servers discovered in 1998 and believed to have been...
US-CERT Vulnerability Summary for the Week of September 18, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoacronis -- cyber_protect_home_officeSensitive information disclosure due to insecure folder permissions. The following...
Cloudflare DDoS protections ironically bypassed using Cloudflare
Cloudflare's Firewall and DDoS prevention can be bypassed through a specific attack process that leverages logic flaws in cross-tenant security...
Microsoft Breach Exposed 60,000 State Department Emails
A sophisticated Chinese cyber-espionage campaign targeting Microsoft Outlook accounts gave Beijing access to tens of thousands of private US government...
MOVEit Developer Patches Critical File Transfer Bugs
Progress Software has urged customers to patch a critical new vulnerability in one of its flagship file transfer software products,...
Phishing, Smishing Surge Targets US Postal Service
Recent weeks have witnessed a significant increase in cyber-attacks targeting the US Postal Service (USPS), mainly through phishing and smishing...
Privacy Regulator Orders End to Spreadsheet FOI Responses
The UK’s information commissioner has called for an immediate end to the use of excel spreadsheets to publish Freedom of Information...
Russian Company Offers $20m For Non-NATO Mobile Exploits
The Russian firm Operation Zero has announced a staggering $20m reward for hacking tools capable of compromising iPhones and Android...
Microsoft’s Bing AI Faces Malware Threat From Deceptive Ads
Microsoft’s Bing Chat has come under scrutiny due to a significant security concern – the infiltration of malicious ads.Malwarebytes researchers...
US-CERT Vulnerability Summary for the Week of September 18, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoacronis -- cyber_protect_home_officeSensitive information disclosure due to insecure folder permissions. The following...
Lazarus hackers breach aerospace firm with new LightlessCan malware
The North Korean 'Lazarus' hacking group targeted employees of an aerospace company located in Spain with fake job opportunities to...
Discord is investigating cause of ‘You have been blocked’ errors
Many Discord users attempting to access the popular instant messaging and VoIP social platform today have been met with a...
