Regulator to Investigate Fertility App Security Concerns
The UK’s data protection regulator is set to review how period and fertility tracking applications process user information, after revealing...
News
CISA Adds Critical RocketMQ Bug to Must-Patch List
The US government has ordered all federal civilian agencies to patch a critical vulnerability in Apache RocketMQ, which is currently...
Apple Patches Two Zero-Days Exploited in Pegasus Attacks
Apple has patched two critical zero-day vulnerabilities exploited in the wild to deliver eavesdropping malware from a notorious commercial spyware...
Russian Man Handed Nine-Year Sentence for Hacking Scheme
A US court has sentenced a Russian businessman to nine years in prison for an elaborate corporate hacking scheme that...
Google TAG Exposes North Korean Campaign Targeting Researchers
Google’s Threat Analysis Group (TAG) has shed light on a cyber campaign originating from North Korea, targeting security researchers engaged...
China Unleashes AI-Powered Image Generation For Influence Operations
China has unveiled a new cyber capability powered by artificial intelligence, enabling the automatic generation of images for influence operations....
Cyber-criminals Exploit GPUs in Graphic Design Software
Security researchers at Cisco Talos have uncovered a scheme that preys on graphic designers and 3D modelers. Cyber-criminals are using...
U.K. and U.S. Sanction 11 Russia-based Trickbot Cybercrime Gang Members
The U.K. and U.S. governments on Thursday sanctioned 11 individuals who are alleged to be part of the notorious Russia-based...
US-CERT Vulnerability Summary for the Week of August 28, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoearcms -- ear_appAn issue found in Earcms Ear App v.20181124 allows a...
CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that multiple nation-state actors are exploiting security flaws in...
Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones
Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have...
Protecting Your Microsoft IIS Servers Against Malware Attacks
Microsoft Internet Information Services (IIS) is a web server software package designed for Windows Server. Organizations commonly use Microsoft IIS...
North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers
Threat actors associated with North Korea are continuing to target the cybersecurity community using a zero-day bug in unspecified software...
Cisco Issues Urgent Fix for Authentication Bypass Bug Affecting BroadWorks Platform
Cisco has released security fixes to address multiple security flaws, including a critical bug, that could be exploited by a...
The Initial Access Broker Economy: A Deep Dive into Dark Web Hacking Forums
How much does it cost to buy hacked domain administrator access to a Fortune 500 U.S.chemical manufacturer? More than a...
US and UK sanction 11 TrickBot and Conti cybercrime gang members
The USA and the United Kingdom have sanctioned eleven Russian nationals associated with the TrickBot and Conti ransomware cybercrime operations. The...
Microsoft: North Korean hackers target Russian govt, defense orgs
Microsoft says North Korean hacking groups have breached multiple Russian government and defense targets since the start of the year....
Windows cryptomining attacks target graphic designer’s high-powered GPUs
Image: Midjourney Cybercriminals are leveraging a legitimate Windows tool called 'Advanced Installer' to infect the computers of graphic designers with...
Johnson & Johnson discloses IBM data breach impacting patients
Johnson & Johnson Health Care Systems ("Janssen") has informed its CarePath customers that their sensitive information has been compromised in...
Google: State hackers attack security researchers with new zero-day
Google's Threat Analysis Group (TAG) says North Korean state hackers are again targeting security researchers in attacks using at least...
CISA warns of critical Apache RocketMQ bug exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities (KEV) a critical–severity...
Cisco BroadWorks impacted by critical authentication bypass flaw
A critical vulnerability impacting the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow remote attackers...
Iranian hackers breach US aviation org via Zoho, Fortinet bugs
Image: Midjourney State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho and Fortinet vulnerabilities, a...
Google Looker Studio abused in cryptocurrency phishing attacks
Cybercriminals are abusing Google Looker Studio to create counterfeit cryptocurrency phishing websites that phish digital asset holders, leading to account...
