The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies
The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the...
News
Cisco Catalyst SD-WAN Manager flaw allows remote server access
Cisco is warning of five new Catalyst SD-WAN Manager products vulnerabilities with the most critical allowing unauthenticated remote access to...
Budworm hackers target telcos and govt orgs with custom malware
A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and...
Security researcher stopped at US border for investigating crypto scam
Security researcher Sam Curry describes a stressful situation he encountered upon his return to the U.S. when border officials and...
Progress warns of maximum severity WS_FTP Server vulnerability
Progress Software, the maker of the MOVEit Transfer file-sharing platform recently exploited in widespread data theft attacks, warned customers to...
Cisco urges admins to fix IOS software zero-day exploited in attacks
Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerability targeted by attackers in the...
Bing Chat responses infiltrated by ads pushing malware
Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware. Bing...
Microsoft breach led to theft of 60,000 US State Dept emails
Chinese hackers stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft's cloud-based Exchange email platform...
FBI: Dual ransomware attack victims now get hit within 48 hours
The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt...
Cisco Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
Google Patches Chrome Zero-Day Used in Spyware Attacks
Google has patched three high-severity flaws in the latest release of its Chrome browser, including one zero-day vulnerability it said...
US and Japan Warn of Chinese Router Attacks
The US and Japanese authorities have urged multi-nationals to consider implementing zero trust models to mitigate a sophisticated Chinese state-backed...
UK Logistics Firm Forced to Close After Ransomware Breach
One of the UK’s largest privately owned logistics firms has entered administration following major disruption to its business caused by...
Android Banking Trojan Zanubis Evolves to Target Peruvian Users
The Android banking Trojan Zanubis has taken on a new guise, posing as the official app for the Peruvian governmental...
Budworm APT Evolves Toolset, Targets Telecoms and Government
The Budworm advanced persistent threat (APT) group, also known as LuckyMouse, Emissary Panda or APT27, has once again demonstrated its active...
Booking.com Customers Targeted in Major Phishing Campaign
Booking.com users have become the focus of a new, large-scale phishing campaign. Discovered by Perception Point and discussed in an...
US Lawmaker: Government Shutdown Will Leave Americans Exposed to Cyber-Attacks
One US lawmaker has warned that the impending government shutdown will put critical cyber workers out of action, leaving Americans...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
Malicious ad served inside Bing’s AI chatbot
In February 2023, Microsoft disclosed its new AI-assisted search engine, Bing Chat, powered by OpenAI's GPT-4. Even though Google has...
Modern GPUs vulnerable to new GPU.zip side-channel attack
Researchers from four American universities have developed a new GPU side-channel attack that leverages data compression to leak sensitive visual...
GitHub repos bombarded by info-stealing commits masked as Dependabot
Hackers are breaching GitHub accounts and inserting malicious code disguised as Dependabot contributions to steal authentication secrets and passwords from...
Fake Bitwarden sites push new ZenRAT password-stealing malware
Fake Bitwarden sites are pushing installers purportedly for the open-source password manager that carry a new password-stealing malware that security...
Building automation giant Johnson Controls hit by ransomware attack
Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices,...
Google fixes fifth actively exploited Chrome zero-day of 2023
Google has patched the fifth Chrome zero-day vulnerability exploited in attacks since the start of the year in emergency security...
