Signal Disputes Alleged Zero-Day Flaw
The encrypted messaging app Signal has refuted widespread claims of a zero-day software vulnerability. After an investigation, the company has...
News
Growing Concern Over Role of Hacktivism in Israel-Hamas Conflict
Hacktivists have claimed to hit Israeli websites through DDoS and defacement attacks following the outbreak of conflict between Israel and...
New RomCom Backdoor Targets Female Political Leaders
Japanese cybersecurity provider Trend Micro has uncovered a new malicious campaign targeting female political leaders and attendees of the Women...
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
Node.js Multiple Vulnerabilities
Multiple vulnerabilities have been identified in Node.js. A remote attacker can exploit these vulnerabilities to trigger denial of service, security...
US-CERT Vulnerability Summary for the Week of October 2, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoacronis -- agentLocal privilege escalation due to improper soft link handling. The...
Ubuntu discovers ‘hate speech’ in release 23.10 — how to upgrade?
Ubuntu, the most popular Linux distribution, has pulled its Desktop release 23.10 after its Ukrainian translations were discovered to contain...
AI algorithm detects MitM attacks on unmanned military vehicles
Professors at the University of South Australia and Charles Sturt University have developed an algorithm to detect and intercept man-in-the-middle...
DarkGate malware spreads through compromised Skype accounts
Between July and September, DarkGate malware attacks have used compromised Skype accounts to infect targets through messages containing VBA loader...
US-CERT Vulnerability Summary for the Week of October 2, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoacronis -- agentLocal privilege escalation due to improper soft link handling. The...
The Week in Ransomware – October 13th 2023 – Increasing Attacks
Ransomware gangs continue to pummel the enterprise, with attacks causing disruption in business operations and resulting in data breaches if...
23andMe hit with lawsuits after hacker leaks stolen genetics data
Genetic testing provider 23andMe faces multiple class action lawsuits in the U.S. following a large-scale data breach that is believed...
Microsoft plans to kill off NTLM authentication in Windows 11
Microsoft announced earlier this week that the NTLM authentication protocol will be killed off in Windows 11 in the future. NTLM (short for...
CISA shares vulnerabilities, misconfigs used by ransomware gangs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has unveiled additional details regarding misconfigurations and security vulnerabilities exploited by ransomware...
Hackers use Binance Smart Chain contracts to store malicious scripts
Cybercriminals are employing a novel code distribution technique dubbed 'EtherHiding,' which abuses Binance's Smart Chain (BSC) contracts to hide malicious...
US Smashes Annual Data Breach Record With Three Months Left
There were 2116 reported US data breaches and leaks in the first nine months of 2023, making it the worst...
Half of Small Businesses Hit by Cyber-Attack Over the Past Year
Cybersecurity has become a top concern for small and medium enterprises (SMEs) and nearly half (48%) of SMEs have experienced...
Chinese APT ToddyCat Targets Asian Telecoms, Governments
A new malicious espionage campaign is targeting telecommunications organizations and governments across Central and Southeast Asia, CheckPoint Research has discovered.The...
Fifth of UK Cybersecurity Pros Work Excessive Hours
The UK’s cybersecurity professionals believe they have excellent career prospects and are employed in a “booming” sector, but many are...
European Police Hackathon Hunts Down Traffickers
Law enforcers from 26 countries came together recently in a hackathon designed to enhance intelligence gathering on human trafficking gangs,...
New Phishing Campaign Uses LinkedIn Smart Links in Blanket Attack
Email security provider Cofense has discovered a new phishing campaign comprising over 800 emails and using LinkedIn Smart Links.The campaign...
California Enacts “Delete Act” For Data Privacy
California Governor Gavin Newsom has signed into law the first bill in the US compelling data brokers to delete all...
UK Regulator Fines Equifax £11m for 2017 Data Breach
The UK’s financial regulator has fined Equifax Ltd. over £11m ($13.4m) for failing to protect UK consumer data stolen in...
Vulnerability Exposed in WordPress Plugin User Submitted Posts
A new vulnerability in the User Submitted Posts WordPress plugin (versions 20230902 and below) has been discovered by the Patchstack...
