#mWISE: US to Implement Game-Changing Cyber Mandates on Medical Devices
Cybersecurity in healthcare products will no longer be an afterthought in the US.From October 1, 2023, every new medical device...
News
International Criminal Court Reveals Security Breach
The International Criminal Court (ICC) yesterday confirmed the discovery of suspicious activity inside its IT network but revealed little else of...
#NITAM: Average Annual Cost of Insider Incidents Reaches $16.2m Per Organization
The average annual cost of insider risk incidents has risen to $16.2m per organization in 2023, up from $15.4m in...
Finnish Authorities Shutter Dark Web Drugs Marketplace
Investigators in Finland have seized and shut down a web server used to operate a local dark web marketplace.Piilopuoti opened...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
Finnish Authorities Dismantle Notorious PIILOPUOTI Dark Web Drug Marketplace
Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade...
Critical Security Flaws Exposed in Nagios XI Network Monitoring Software
Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and...
Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability
Cybersecurity company Trend Micro has released patches and hotfixes to address a critical security flaw in Apex One and Worry-Free...
Do You Really Trust Your Web Application Supply Chain?
Well, you shouldn't. It may already be hiding vulnerabilities.# It's the modular nature of modern web applications that has made...
GitLab Releases Urgent Security Patches for Critical Vulnerability
GitLab has shipped security patches to resolve a critical flaw that allows an attacker to run pipelines as another user....
Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys
Cybersecurity researchers have discovered a fresh batch of malicious packages in the npm package registry that are designed to exfiltrate...
Signal Messenger Introduces PQXDH Quantum-Resistant Encryption
Encrypted messaging app Signal has announced an update to the Signal Protocol to add support for quantum resistance by upgrading...
Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT
Chinese-language speakers have been increasingly targeted as part of multiple email phishing campaigns that aim to distribute various malware families...
BlackCat ransomware hits Azure Storage with Sphynx encryptor
Image: Midjourney The BlackCat (ALPHV) ransomware gang now uses stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt...
TikTok flooded by ‘Elon Musk’ cryptocurrency giveaway scams
TikTok is flooded by a surge of fake cryptocurrency giveaways posted to the video-sharing platform, with almost all of the...
APT36 state hackers infect Android devices using YouTube app clones
The APT36 hacking group, aka 'Transparent Tribe,' has been observed using at least three Android apps that mimic YouTube to infect...
New SprySOCKS Linux malware used in cyber espionage attacks
A Chinese espionage-focused hacker tracked as 'Earth Lusca' was observed targeting government agencies in multiple countries, using a new Linux...
Thousands of Juniper devices vulnerable to unauthenticated RCE flaw
An estimated 12,000 Juniper SRX firewalls and EX switches are vulnerable to a fileless remote code execution flaw that attackers...
Are your end-users’ passwords compromised? Here’s how to check.
Passwords have long been used as the primary gatekeepers of digital security, yet they can also be a weak link...
Bumblebee malware returns in new attacks abusing WebDAV folders
The malware loader 'Bumblebee' has broken its two-month vacation with a new campaign that employs new distribution techniques that abuse...
Hackers backdoor telecom providers with new HTTPSnoop malware
New malware named HTTPSnoop and PipeSnoop are used in cyberattacks on telecommunication service providers in the Middle East, allowing threat...
Claimants in Celsius crypto bankruptcy targeted in phishing attack
Scammers are impersonating the bankruptcy claim agent for crypto lender Celsius in phishing attacks that attempt to steal funds from...
GitLab urges users to install security updates for critical pipeline flaw
GitLab has released security updates to address a critical severity vulnerability that allows attackers to run pipelines as other users...
Hackers breached International Criminal Court’s systems last week
The International Criminal Court (ICC) disclosed a cyberattack on Tuesday after discovering last week that its systems had been breached....
