Monti ransomware targets VMware ESXi servers with new Linux locker
The Monti ransomware gang has returned, after a two-month break from publishing victims on their data leak site, using a new...
News
Authorities Take Down Lolek Bulletproof Hosting Provider
Police have taken down a Lolek bulletproof hosting service used by criminals to launch cyber-attacks across the world.The takedown was...
Alberta Dental Services Security Breach Exposes 1.47M Records
Alberta Dental Service Corporation (ADSC) has revealed that nearly 1.47 million individuals have been affected by a data breach that...
Several Flaws Found in CyberPower and Dataprobe Products
A series of security vulnerabilities have been discovered in CyberPower’s PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe’s...
Microsoft: Critical CODESYS Flaws Could Shut Down Power Plants
Microsoft researchers have identified multiple high-severity vulnerabilities that could enable threat actors to shut down power plants.The flaws were discovered...
Security Researchers Publish Gigabud Banking Malware Analysis
Cybersecurity researchers have published a new analysis of the elusive Gigabud banking malware. Originating as an Android Remote Access Trojan (RAT),...
US-CERT Vulnerability Summary for the Week of August 7, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info phoenixcontact -- wp_6xxx_series In PHOENIX CONTACTs WP 6xxx series web panels...
QwixxRAT: New Remote Access Trojan Emerges via Telegram and Discord
A new remote access trojan (RAT) called QwixxRAT is being advertised for sale by its threat actor through Telegram and...
Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability
E-commerce sites using Adobe's Magento 2 software are the target of an ongoing campaign that has been active since at...
New Financial Malware ‘JanelaRAT’ Targets Latin American Users
Users in Latin America (LATAM) are the target of a financial malware called JanelaRAT that's capable of capturing sensitive information...
Identity Threat Detection and Response: Rips in Your Identity Fabric
Why SaaS Security Is a Challenge# In today's digital landscape, organizations are increasingly relying on Software-as-a-Service (SaaS) applications to drive...
Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks
Germany's Federal Office for the Protection of the Constitution (BfV) has warned of cyber attacks targeting Iranian persons and organizations...
India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users’ Privacy First
The Indian President Droupadi Murmu on Friday granted assent to the Digital Personal Data Protection Bill (DPDPB) after it was...
MaginotDNS attacks exploit weak checks for DNS cache poisoning
A team of researchers from UC Irvine and Tsinghua University has developed a new powerful cache poisoning attack named 'MaginotDNS,'...
UK gov keeps repeating its voter registration website is NOT a scam
Every year local government bodies or councils across Britain contact residents, asking them to update their voter details on the electoral register if...
US-CERT Vulnerability Summary for the Week of July 31, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoyunyecms -- yunyecmsSQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to...
Old exploit kits still kicking around in 2023
The year is 2023 and there still are some people using Internet Explorer on planet Earth. More shocking perhaps, is...
Ford says cars with WiFi vulnerability still safe to drive
Ford is warning of a buffer overflow vulnerability in its SYNC3 infotainment system used in many Ford and Lincoln vehicles,...
Knight ransomware distributed in fake Tripadvisor complaint emails
The Knight ransomware is being distributed in an ongoing spam campaign that pretends to be TripAdvisor complaints. Knight ransomware is a recent rebrand...
Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk
Multiple security vulnerabilities impacting CyberPower's PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe's iBoot Power Distribution Unit (PDU)...
US-CERT Vulnerability Summary for the Week of July 31, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoyunyecms -- yunyecmsSQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to...
Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping
Multiple security vulnerabilities have been disclosed in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP) that could be potentially...
New Python URL Parsing Flaw Could Enable Command Execution Attacks
A high-severity security flaw has been disclosed in the Python URL parsing function that could be exploited to bypass domain...
New Python URL Parsing Flaw Enables Command Injection Attacks
A high-severity security flaw has been disclosed in the Python URL parsing function that could be exploited to bypass domain...
