New BLISTER Malware Update Fuelling Stealthy Network Infiltration
An updated version of a malware loader known as BLISTER is being used as part of SocGholish infection chains to...
News
W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts
A previously undocumented "phishing empire" has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over...
9 Alarming Vulnerabilities Uncovered in SEL’s Power Management Products
Nine security flaws have been disclosed in electric power management products made by Schweitzer Engineering Laboratories (SEL). "The most severe...
Continuous Security: PTaaS Bridges the Gap within Application Security
Pen testing, also known as "ethical hacking," involves a team of cybersecurity professionals tasked to test the resilience of an organization's...
Coffee Meets Bagel says recent outage caused by destructive cyberattack
The Coffee Meets Bagel dating platform confirms last week's outage was caused by hackers breaching the company's systems and deleting...
Crypto casino Stake.com loses $41 million to hot wallet hackers
Image: Midjourney Online cryptocurrency casino Stake.com announced that its ETH/BSC hot wallets had been compromised to perform unauthorized transactions, with...
Atlas VPN zero-day vulnerability leaks users’ real IP address
An Atlas VPN zero-day vulnerability affecting the Linux client leaks a user's real IP address simply by visiting a website....
Chaes malware now uses Google Chrome DevTools Protocol to steal data
The Chaes malware has returned as a new, more advanced variant that includes a custom implementation of the Google DevTools...
ASUS routers vulnerable to critical remote code execution flaws
Three critical-severity remote code execution vulnerabilities impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U routers, potentially allowing threat actors to hijack devices...
UK National Cyber Security Centre Gets a New CTO
The UK’s National Cyber Security Centre (NCSC) has announced its new chief technology officer (CTO) will be Ollie Whitehouse.Spun out...
Freecycle Breach May Have Hit Millions of Users
A non-profit organization used by millions on both sides of the Atlantic to recycle their possessions has admitted suffering a...
Mend.io SAML Vulnerability Exposed
WithSecure has unveiled a new security vulnerability in Mend.io’s application security platform today, raising concerns about data privacy and potential...
Airlines Battle Surge in Loyalty Program Fraud
Cyber fraudsters have been observed increasingly exploiting vulnerabilities in air miles and customer service systems across the EU, the UK...
More Schools Hit By Cyber-Attacks Before Term Begins
A north London school and a Berkshire schools group have become the latest victims of serious cyber-attacks ahead of the new...
UK Electoral Commission Fails Cybersecurity Test Amid Data Breach
The UK’s Electoral Commission has admitted to failing a crucial cybersecurity test at the same time that hackers breached its...
US-CERT Vulnerability Summary for the Week of August 21, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoqemu -- qemuThe hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model...
Key Cybersecurity Tools That Can Mitigate the Cost of a Breach
IBM's 2023 installment of their annual "Cost of a Breach" report has thrown up some interesting trends. Of course, breaches...
Researchers Warn of Cyber Weapons Used by Lazarus Group’s Andariel Cluster
The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber...
Meta Takes Down Thousands of Accounts Involved in Disinformation Ops from China and Russia
Meta has disclosed that it disrupted two of the largest known covert influence operations in the world from China and...
German financial agency site disrupted by DDoS attack since Friday
The German Federal Financial Supervisory Authority (BaFin) announced today that an ongoing distributed denial-of-service (DDoS) attack has been impacting its...
Insurer fined $3M for exposing data of 650k clients for two years
The Swedish Authority for Privacy Protection (IMY) has fined insurer Trygg-Hansa $3 million for exposing on its online portal sensitive data belonging...
Okta: Hackers target IT help desks to gain Super Admin, disable MFA
Identity and access management company Okta released a warning about social engineering attacks targeting IT service desk agents at U.S.-based customers in an attempt...
Hackers exploit MinIO storage system to breach corporate networks
Image: Midjourney Hackers are exploiting two recent MinIO vulnerabilities to breach object storage systems and access private information, execute arbitrary...
Freecycle confirms massive data breach impacting 7 million users
Freecycle, an online forum dedicated to exchanging used items rather than trashing them, confirmed a massive data breach that affected...
