Nearly 2,000 Citrix NetScaler Instances Hacked via Critical Vulnerability
Nearly 2,000 Citrix NetScaler instances have been compromised with a backdoor by weaponizing a recently disclosed critical security vulnerability as...
News
Critical Security Flaws Affect Ivanti Avalanche, Threatening 30,000 Organizations
Multiple critical security flaws have been reported in Ivanti Avalanche, an enterprise mobile device management solution that's used by 30,000...
Google Introduces First Quantum Resilient FIDO2 Security Key
Google on Tuesday announced the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative....
Guide: How Google Workspace-based Organizations can leverage Chrome to improve Security
More and more organizations are choosing Google Workspace as their default employee toolset of choice. But despite the productivity advantages,...
Experts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain Attacks
Active flaws in the PowerShell Gallery could be weaponized by threat actors to pull off supply chain attacks against the...
What’s the State of Credential theft in 2023?
At a little overt halfway through 2023, credential theft is still a major thorn in the side of IT teams....
Just announced: AI and security standards keynotes at mWISE
Mark your calendar for mWISE™, the uniquely targeted, community-focused cybersecurity conference from Mandiant. It’s taking place September 18–20, 2023 in...
File sharing site Anonfiles shuts down due to overwhelming abuse
Anonfiles, a popular service for sharing files anonymously, has shut down after saying it can no longer deal with the...
Major U.S. energy org targeted in QR code phishing attack
A phishing campaign was observed predominantly targeting a notable energy company in the US, employing QR codes to slip malicious...
Google released first quantum-resilient FIDO2 key implementation
Google has announced the first open-source quantum resilient FIDO2 security key implementation, which uses a unique ECC/Dilithium hybrid signature schema...
CISA warns of critical Citrix ShareFile flaw exploited in the wild
CISA is warning that a critical Citrix ShareFile secure file transfer vulnerability tracked as CVE-2023-24489 is being targeted by unknown...
Massive 400,000 proxy botnet built with stealthy malware infections
Researchers have uncovered a massive campaign that delivered proxy server apps to at least 400,000 Windows systems. The devices act...
Major LinkedIn Account Takeover Campaign Underway
Security researchers have warned of a significant global account takeover campaign targeting LinkedIn users over recent weeks.Cyberint claimed this week...
Digital Safety Advice is Not Getting Through to Women
New research from King’s College London (KCL) has revealed a major gender gap in the provision and effectiveness of online...
Clorox Operations Disrupted By Cyber-Attack
Cleaning product manufacturer Clorox has confirmed significant operational disruption caused by a recent cyber-attack. According to a notice published on the company’s...
Mass-Exploitation Campaign Targets Citrix NetScalers With Backdoors
A widespread cyber-attack targeting thousands of Citrix NetScalers has been unveiled by cybersecurity firm Fox-IT (part of NCC Group) in...
Scammers Exploit Hacked Websites For Phishing
A recent study by cybersecurity firm Kaspersky has revealed the techniques utilized by phishers to evade detection and exploit compromised...
A Third of UK University Students Targeted By Fraud
One in three students at British universities encountered fraud attempts online last year, according to a new study from NatWest.The...
US-CERT Vulnerability Summary for the Week of August 7, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info phoenixcontact -- wp_6xxx_series In PHOENIX CONTACTs WP 6xxx series web panels...
Back to school security against ransomware attacks on K-12 and colleges
A ransomware attack on an educational institution causes more than just class disruption. It can result in lost teaching hours,...
LinkedIn accounts hacked in widespread hijacking campaign
LinkedIn is being targeted in a wave of account hacks resulting in many accounts being locked out for security reasons...
Ivanti Avalanche impacted by critical pre-auth stack buffer overflows
Two stack-based buffer overflows collectively tracked as CVE-2023-32560 impact Ivanti Avalanche, an enterprise mobility management (EMM) solution designed to manage,...
Raccoon Stealer malware returns with new stealthier version
Image: Midjourney The developers of Raccoon Stealer information-stealing malware have ended their 6-month hiatus from hacker forums to promote a...
New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices
Mandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller (ADC) or NetScaler Gateway Appliance was...
