Why Every Security Practitioner Should Attend mWISE
What’s in store for mWISE 2023? 80+ curated sessions. 90+ hand-picked speakers. 7 session tracks. All the hottest topics in...
News
Over 640 Citrix servers backdoored with web shells in ongoing attacks
Hundreds of Citrix Netscaler ADC and Gateway servers have already been breached and backdoored in a series of attacks targeting...
New Collide+Power side-channel attack impacts almost all CPUs
A new software-based power side-channel attack called 'Collide+Power' was discovered, impacting almost all CPUs and potentially allowing data to leak....
Fake FlipperZero sites promise free devices after completing offer
A site impersonating Flipper Devices promises a free Flipper Zero after completing an offer but only leads to shady browser...
Ivanti discloses new critical auth bypass bug in MobileIron Core
IT software company Ivanti disclosed today a new critical security vulnerability in its MobileIron Core mobile device management software. Tracked...
Russian hackers target govt orgs in Microsoft Teams phishing attacks
Microsoft says a hacking group tracked as APT29 and linked to Russia's Foreign Intelligence Service (SVR) targeted dozens of organizations...
CISA in New Warning Over Ivanti Vulnerabilities
US and Norwegian security agencies have released a new security advisory warning that APT actors may be combining exploits for...
Russian Cybersecurity Exec Wanted By Russia and US
An employee at a Russian cybersecurity vendor has found himself at the center of a geopolitical tussle between the US...
OT/IoT Malware Surges Tenfold in First Half of the Year
Malware-related cyber-threats in operational technology (OT) and Internet of Things (IoT) environments jumped tenfold in the first six months of...
Threat Actors Use AWS SSM Agent as a Remote Access Trojan
Threat actors have been observed using Amazon Web Services (AWS) 's System Manager (SSM) agent as a Remote Access Trojan...
AI-Enhanced Phishing Driving Ransomware Surge
Government agencies alongside education and healthcare organizations have become prime targets for ransomware operators over the past three years.According to...
AI-Powered CryptoRom Scam Targets Mobile Users
CryptoRom, a notorious scam that combines fake cryptocurrency trading and romance scams, has taken a new twist by utilizing generative...
Cloud Firm Under Scrutiny For Suspected Support of APT Operations
The cloud firm Cloudzy has come under scrutiny for its alleged support of advanced persistent threat (APT) operations.In a new...
US-CERT Vulnerability Summary for the Week of July 24, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infobiltay_technology -- scienta Improper Neutralization of Special Elements used in an SQL...
Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023
About 34% of security vulnerabilities impacting industrial control systems (ICSs) that were reported in the first half of 2023 have...
Researchers Uncover AWS SSM Agent Misuse as a Covert Remote Access Trojan
Cybersecurity researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows the AWS Systems Manager Agent...
Phishers Exploit Salesforce’s Email Services Zero-Day in Targeted Facebook Campaign
A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce's email services, allowing threat actors to...
Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures
A Russa-nexus adversary has been linked to 94 new domains, suggesting that the group is actively modifying its infrastructure in...
Top Industries Significantly Impacted by Illicit Telegram Networks
In recent years the rise of illicit activities conducted within online messaging platforms has become a growing concern for countless...
Iranian Company Cloudzy Accused of Aiding Cybercriminals and Nation-State Hackers
Services offered by an obscure Iranian company known as Cloudzy are being leveraged by multiple threat actors, including cybercrime groups...
How to manage a mass password reset due to a ransomware attack
Interrupted classes, disrupted planning, and postponed events – IT outages have a big impact on modern university life. But as...
CISA issues new warning on actively exploited Ivanti MobileIron bugs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of state hackers exploiting two flaws in Ivanti's Endpoint Manager...
Retail chain Hot Topic discloses wave of credential-stuffing attacks
American apparel retailer Hot Topic is notifying customers about multiple cyberattacks between February 7 and June 21 that resulted in...
Cybercriminals train AI chatbots for phishing, malware attacks
In the wake of WormGPT, a ChatGPT clone trained on malware-focused data, a new generative artificial intelligence hacking tool called...
