September Android updates fix zero-day exploited in attacks
The September 2023 Android security updates tackle 33 vulnerabilities, including a zero-day bug currently targeted in the wild. This high-severity...
News
How SMEs can use Wazuh to improve cybersecurity
Cybersecurity has become a crucial concern for businesses of all sizes and sectors in today's digital era. Cyber attacks are...
University of Michigan requires password resets after cyberattack
On Tuesday, the University of Michigan (UMICH) warned staff and students that they must reset their account passwords after a...
US-CERT Vulnerability Summary for the Week of August 28, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoearcms -- ear_appAn issue found in Earcms Ear App v.20181124 allows a...
Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw
Google has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that...
Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant
The Iranian threat actor tracked as APT34 has been linked to a new phishing attack that leads to the deployment...
Mac users targeted in new malvertising campaign delivering Atomic Stealer
Summary Malicious ads for Google searches are targeting Mac users Phishing sites trick victims into downloading what they believe is the...
Way Too Vulnerable: Join this Webinar to Understand and Strengthen Identity Attack Surface
In today's digital age, it's not just about being online but how securely your organization operates online. Regardless of size...
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone...
Three CISOs Share How to Run an Effective SOC
The role of the CISO keeps taking center stage as a business enabler: CISOs need to navigate the complex landscape...
New BLISTER Malware Update Fuelling Stealthy Network Infiltration
An updated version of a malware loader known as BLISTER is being used as part of SocGholish infection chains to...
W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts
A previously undocumented "phishing empire" has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over...
9 Alarming Vulnerabilities Uncovered in SEL’s Power Management Products
Nine security flaws have been disclosed in electric power management products made by Schweitzer Engineering Laboratories (SEL). "The most severe...
Ukraine’s CERT Thwarts APT28’s Cyberattack on Critical Energy Infrastructure
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday said it thwarted a cyber attack against an unnamed critical...
Continuous Security: PTaaS Bridges the Gap within Application Security
Pen testing, also known as "ethical hacking," involves a team of cybersecurity professionals tasked to test the resilience of an organization's...
Coffee Meets Bagel says recent outage caused by destructive cyberattack
The Coffee Meets Bagel dating platform confirms last week's outage was caused by hackers breaching the company's systems and deleting...
Crypto casino Stake.com loses $41 million to hot wallet hackers
Image: Midjourney Online cryptocurrency casino Stake.com announced that its ETH/BSC hot wallets had been compromised to perform unauthorized transactions, with...
Atlas VPN zero-day vulnerability leaks users’ real IP address
An Atlas VPN zero-day vulnerability affecting the Linux client leaks a user's real IP address simply by visiting a website....
Chaes malware now uses Google Chrome DevTools Protocol to steal data
The Chaes malware has returned as a new, more advanced variant that includes a custom implementation of the Google DevTools...
ASUS routers vulnerable to critical remote code execution flaws
Three critical-severity remote code execution vulnerabilities impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U routers, potentially allowing threat actors to hijack devices...
UK National Cyber Security Centre Gets a New CTO
The UK’s National Cyber Security Centre (NCSC) has announced its new chief technology officer (CTO) will be Ollie Whitehouse.Spun out...
Freecycle Breach May Have Hit Millions of Users
A non-profit organization used by millions on both sides of the Atlantic to recycle their possessions has admitted suffering a...
Mend.io SAML Vulnerability Exposed
WithSecure has unveiled a new security vulnerability in Mend.io’s application security platform today, raising concerns about data privacy and potential...
Airlines Battle Surge in Loyalty Program Fraud
Cyber fraudsters have been observed increasingly exploiting vulnerabilities in air miles and customer service systems across the EU, the UK...
