BreachForums database and private chats for sale in hacker data breach
While consumers are usually the ones worried about their information being exposed in data breaches, it's now the hacker's turn,...
News
Zimbra patches zero-day vulnerability exploited in XSS attacks
Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting...
WordPress Ninja Forms plugin flaw lets hackers steal submitted data
Popular WordPress form-building plugin Ninja Forms contains three vulnerabilities that could allow attackers to achieve privilege escalation and steal user...
SEC Wants Cyber-Incident Disclosure Within Four Days
The US Securities and Exchange Commission (SEC) has adopted new rules requiring publicly listed firms to disclose serious incidents within...
OpenAI, Microsoft, Google and Anthropic Form Body to Regulate AI
You may have heard Sam Altman, the man behind ChatGPT, call for the regulation of future AI models while at...
NCSC Publishes New Guidance on Shadow IT
The UK’s leading cybersecurity agency has released new guidance for system owners and technical staff on how to manage shadow...
Supply Chain Attack Hits NHS Ambulance Trusts
A cyber-attack on an NHS supplier has left two ambulance trusts serving millions of people without access to electronic patient...
Security Incident Impacts CardioComm’s Operations
CardioComm Solutions, a Canadian medical provider of consumer heart monitoring and medical ECG software solutions, has disclosed a cybersecurity incident...
China’s Wuhan Earthquake Center Suffers Cyber-Attack
The Wuhan Earthquake Monitoring Center in China has been hit by a cyber-incident perpetuated by a hacker group with an...
“Mysterious Elephant” Emerges, Kaspersky Reports
A new malicious actor known as “Mysterious Elephant” operating in the Asia-Pacific region has emerged in the threat landscape in the...
High Severity Vulnerabilities Discovered in Ninja Forms Plugin
Multiple high-severity vulnerabilities have been discovered in Ninja Forms, a popular forms builder plugin for WordPress with over 900,000 active...
US-CERT Vulnerability Summary for the Week of July 17, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infooliva_expertise -- oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL...
Industry Coalition Calls For Enhanced Network Resilience
A new industry group of big-name vendors has launched with a mission to improve network and hardware resilience worldwide.Coordinated by...
Ransomware Attacks Skyrocket in Q2 2023
Ransomware attacks surged by 74% in Q2 2023 compared to the first three months of the year, a new report...
Over 900,000 MikroTik Routers Exposed to Critical Bug
Security experts have warned that hundreds of thousands of routers produced by Latvian networking equipment maker MikroTik are vulnerable to...
Education Sector Has Highest Share of Ransomware Victims
The education sector recorded a higher share of ransomware victims than any other in 2022, according to a new report...
Dark Web Markets Offer New FraudGPT AI Tool
Cybersecurity experts have identified a new AI tool called “FraudGPT,” circulating on the Dark Web and Telegram channels since July 22 2023. FraudGPT...
Repeatable VEC Attacks Target Critical Infrastructure
The threat of vendor email compromise (VEC) attacks has escalated, with recent data showing a sharp increase in such cyber-threats. According...
VMware Patches Vulnerability Exposing Admin Credentials
VMware addressed a vulnerability on Tuesday that impacts its Tanzu Application Service for VMs and Isolation Segment products. The flaw, tracked as CVE-2023-20891, poses...
Group-IB Founder Sentenced in Russia to 14 Years for Treason
The Moscow City Court has sentenced Ilya Sachkov, the founder of cybersecurity provider Group-IB, to 14 years in prison for...
US-CERT Vulnerability Summary for the Week of July 17, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infooliva_expertise -- oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL...
Norway says Ivanti zero-day was used to hack govt IT systems
The Norwegian National Security Authority (NSM) has confirmed that attackers used a zero-day vulnerability in Ivanti's Endpoint Manager Mobile (EPMM)...
Over 400,000 corporate credentials stolen by info-stealing malware
The analysis of nearly 20 million information-stealing malware logs sold on the dark web and Telegram channels revealed that they...
Super Admin elevation bug puts 900,000 MikroTik devices at risk
A critical severity 'Super Admin' privilege elevation flaw puts over 900,000 MikroTik RouterOS routers at risk, potentially enabling attackers to...
