Cyber Group ‘Gold Melody’ Selling Compromised Access to Ransomware Attackers
A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations...
News
Iranian Nation-State Actor OilRig Targets Israeli Organizations
Israeli organizations were targeted as part of two different campaigns orchestrated by the Iranian nation-state actor known as OilRig in...
How to Interpret the 2023 MITRE ATT&CK Evaluation Results
Thorough, independent tests are a vital resource for analyzing provider's capabilities to guard against increasingly sophisticated threats to their organization....
Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable
Apple has released yet another round of security patches to address three actively exploited zero-day flaws impacting iOS, iPadOS, macOS,...
New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks
An active malware campaign targeting Latin America is dispensing a new variant of a banking trojan called BBTok, particularly users...
High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
Atlassian and the Internet Systems Consortium (ISC) have disclosed several security flaws impacting their products that could be exploited to...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
Building on our history of cryptographic research
Building on our history of cryptographic research Our organisation has a long history of cryptographic research. As the UK national technical authority for...
GitHub passkeys generally available for passwordless sign-ins
GitHub has made passkeys generally available across the platform today to secure accounts against phishing and allow passwordless logins for...
Pizza Hut Australia warns 193,000 customers of a data breach
Pizza Hut Australia is sending data breach notifications to customers, warning that a cyberattack allowed hackers to access their personal...
‘Sandman’ hackers backdoor telcos with new LuaDream malware
A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia,...
Apple Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of...
US Government in Snatch Ransomware Warning
Authorities in the US released a new cybersecurity advisory yesterday updating organizations on the latest tactics, techniques and procedures (TTPs)...
Scams Now Make Up 75% of Cyber-Threats
Scams involving human manipulation comprised 75% of all desktop threats in the first half of 2023, according to new data...
Bot Attack Costs Double to $86m Annually
The typical business in the US and UK loses over 4% of their online revenue every year due to malicious...
UK-US Confirm Agreement for Personal Data Transfers
The UK government has announced its decision to establish a data bridge with the US, enabling the free flow of...
New Ransomware Victims Surge by 47% with Gangs Targeting Small Businesses
Ransomware attackers are shifting away from “big game” targets and towards easier, less defended organizations, a new report from Trend...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
Signal adds quantum-resistant encryption to its E2EE messaging protocol
Signal has announced that it upgraded its end-to-end communication protocol to use quantum-resistant encryption keys to protect users from future...
Expensive Investigations Drive Surging Data Breach Costs
The dreaded data breach is an outcome feared by companies of all sizes in today’s threat landscape, largely due to...
P2PInfect botnet activity surges 600x with stealthier malware variants
The P2PInfect botnet worm is going through a period of highly elevated activity volumes starting in late August and then...
T-Mobile app glitch let users see other people’s account info
Today, T-Mobile customers said they could see other peoples' account and billing information after logging into the company's official mobile...
TransUnion denies it was hacked, links leaked data to 3rd party
Credit reporting firm TransUnion has denied claims of a security breach after a threat actor known as USDoD leaked data...
Fake WinRAR proof-of-concept exploit drops VenomRAT malware
A hacker is spreading a fake proof-of-concept (PoC) exploit for a recently fixed WinRAR vulnerability on GitHub, attempting to infect...
