Russian state hackers lure Western diplomats with BMW car ads
The Russian state-sponsored hacking group 'APT29' (aka Nobelium, Cloaked Ursa) has been using unconventional lures like car listings to entice...
News
GitHub goes passwordless, announces passkeys beta preview
GitHub announced today the introduction of passwordless authentication support in public beta, allowing users to upgrade from security keys to...
Critical RCE found in popular Ghostscript open-source PDF library
Image: Bing Create Ghostscript, an open-source interpreter for PostScript language and PDF files widely used in Linux, has been found...
SonicWall warns admins to patch critical auth bypass bugs immediately
SonicWall warned customers today to urgently patch multiple critical vulnerabilities impacting the company's Global Management System (GMS) firewall management and...
New PyLoose Linux malware mines crypto directly from memory
A new fileless malware named PyLoose has been targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining....
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
Microsoft Releases Patches for 132 Vulnerabilities, Including 6 Under Active Attack
Microsoft on Tuesday released updates to address a total of 132 new security flaws spanning its software, including six zero-day...
Ransomware Extortion Skyrockets in 2023, Reaching $449.1 Million and Counting
Ransomware has emerged as the only cryptocurrency-based crime to grow in 2023, with cybercriminals extorting nearly $175.8 million more than...
Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining
A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner,...
The Risks and Preventions of AI in Business: Safeguarding Against Potential Pitfalls
Artificial intelligence (AI) holds immense potential for optimizing internal processes within businesses. However, it also comes with legitimate concerns regarding...
Microsoft Thwarts Chinese Cyber Attack Targeting Western European Governments
Microsoft on Tuesday revealed that it repelled a cyber attack staged by a Chinese nation-state actor targeting two dozen organizations,...
Apple Issues Urgent Patch for Zero-Day Flaw Targeting iOS, iPadOS, macOS, and Safari
Apple has released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day flaw...
Chinese Hackers Deploy Microsoft-Signed Rootkit to Target Gaming Sector
Cybersecurity researchers have unearthed a novel rootkit signed by Microsoft that's engineered to communicate with an actor-controlled attack infrastructure. Trend...
Microsoft Releases Patches for 132 Vulnerabilities, Including 6 Under Active Attack
Microsoft on Tuesday released updates to address a total of 132 new security flaws spanning its software, including six zero-day...
Microsoft Releases Patches for 132 Vulnerabilities, Including 6 Under Active Attack
Microsoft on Tuesday released updates to address a total of 132 new security flaws spanning its software, including six zero-day...
Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining
A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner,...
Apple Issues Urgent Patch for Zero-Day Flaw Targeting iOS, iPadOS, macOS, and Safari
Apple has released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day flaw...
Microsoft: Unpatched Office zero-day exploited in NATO summit attacks
Microsoft disclosed today an unpatched zero-day security bug in multiple Windows and Office products exploited in the wild to gain...
Hackers exploit Windows policy to load malicious kernel drivers
Microsoft blocked code signing certificates predominantly used by Chinese hackers and developers to sign and load malicious kernel mode drivers...
Deutsche Bank confirms provider breach exposed customer data
Deutsche Bank AG has confirmed to BleepingComputer that a data breach on one of its service providers has exposed its...
HCA confirms breach after hacker steals data of 11 million patients
HCA Healthcare disclosed a data breach impacting an estimated 11 million patients who received care at one of its hospitals...
Apple confirms WebKit security updates break browsing on some sites
Apple confirmed today that emergency security updates released on Monday to address a zero-day bug exploited in attacks also break browsing on...
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
Apple Issues Urgent Patch for Zero-Day Flaw Targeting iOS, iPadOS, macOS, and Safari
Apple has released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day flaw...
