Hackers exploiting critical WordPress WooCommerce Payments bug
Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators,...
News
Ukraine’s CERT-UA Exposes Gamaredon’s Rapid Data Theft Methods
The Ukrainian government's Computer Emergency Response Team (CERT-UA) has recently unveiled the rapid data theft methods of the APT known...
Sorillus RAT and Phishing Attacks Exploit Google Firebase Hosting
Attackers have been observed using the notorious Sorillus remote access trojan (RAT) and phishing attacks to exploit Google Firebase Hosting infrastructure.The...
BreachForums Admin Pleads Guilty to Hacking Charges
Conor Brian Fitzpatrick, famously known as "Pompompurin," has entered a guilty plea for hacking charges in the United States District...
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
Russian Charged with Tech Smuggling and Money Laundering
A Russian security agent has been charged with smuggling ammunition and dual-use technology, including various electronics which helped the Kremlin...
EU Urged to Prepare for Quantum Cyber-Attacks
A new discussion paper has set out recommendations for the European Union (EU) on how to ensure member states are...
Acting White House Cyber Director Withdraws Nomination
The acting US national cyber director has reportedly withdrawn her name for consideration for the permanent role because she was...
Health Tech Vendor to Pay $31m After Kickback Allegations
A US provider of healthcare software has agreed to pay $31m to settle allegations it broke the False Claims Act...
Fewer Than 100 Scammers Responsible For Global Email Extortion
Global email-based extortion scams are the work of just a small group of fraudsters, new research from Barracuda Networks has...
Mandiant Unveils Russian GRU’s Cyber Playbook Against Ukraine
Drawing on its tracking of Russia-backed disruptive operations against Ukraine since the country’s invasion of its neighbor in February 2022,...
White House Publishes Plan to Implement US National Cybersecurity Strategy
The White House has published a plan for the implementation of the US National Cybersecurity Strategy, which was introduced in...
US on Track For Record Number of Data Breaches
This year could be another record breaker for data compromise following 951 publicly reported incidents in the second quarter, a...
NCSC Shares Alternatives to Using a SOC
A leading UK security agency has revealed several approaches that could reduce or eliminate the need for organizations to run...
UK Financial Regulator Urges Banks to Tackle AI-Based Fraud
The UK’s financial services regulator has warned banks that it will be watching closely what steps they put in place...
Ransomware Costs Financial Services $32bn in Five Years
Global financial services organizations have lost over $32bn in downtime since 2018 due to ransomware breaches, a new report has...
New CVSS Version Unveiled Amid Rising Cyber Threats
A new version of the Common Vulnerability Scoring System (CVSS 4.0) has been unveiled publicly by the Forum of Incident...
Chinese APT Favorite Backdoor Found in Pakistani Government App
Trend Micro has discovered a sample of Shadowpad, a sophisticated backdoor used by various Chinese-sponsored threat actors, in an application...
New Threat Actor Launches Cyber-attacks on Ukraine and Poland
A new threat actor group has been observed conducting a series of cyber-attacks targeting government entities, military organizations and civilian...
LokiBot Malware Targets Windows Users in Office Document Attacks
Windows users have been targeted again by the sophisticated malware known as LokiBot, which is spreading through malicious Office documents. According...
AI Tool WormGPT Enables Convincing Fake Emails For BEC Attacks
A generative AI tool, WormGPT, has emerged as a powerful weapon in the hands of cyber-criminals, specifically for launching business...
Thousands of images on Docker Hub leak auth secrets, private keys
Researchers at the RWTH Aachen University in Germany published a study revealing that tens of thousands of container images hosted...
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
Gamaredon hackers start stealing data 30 minutes after a breach
Ukraine's Computer Emergency Response Team (CERT-UA) is warning that the Gamaredon hacking operates in rapid attacks, stealing data from breached...
