VMware fixes bug exposing CF API admin credentials in audit logs
VMware has patched an information disclosure vulnerability in VMware Tanzu Application Service for VMs (TAS for VMs) and Isolation Segment...
News
More US States are ramping up data privacy laws in 2023
In the US, California has traditionally dominated the privacy conversation. This is changing. Now organizations doing business in Virginia, Colorado,...
New Realst macOS malware steals your cryptocurrency wallets
A new Mac malware named "Realst" is being used in a massive campaign targeting Apple computers, with some of its...
CISA warns govt agencies to patch Ivanti bug exploited in attacks
The Cybersecurity and Infrastructure Security Agency (CISA) warned U.S. federal agencies today to secure their systems against a maximum severity...
Aussie Government Exposed Personal Info Via Security Report
The Australian home affairs department has been left red faced after accidentally leaking the personal information of participants in a government...
Hacker Claims to Have Stolen Sensitive Medical Records from Egypt’s Ministry of Health
An ‘established’ threat actor claimed to be in possession of two million data records stolen from the Egyptian Ministry of...
Data Breach Costs Hit Record High but Fall For Some
The average global cost of a data breach now stands at a record $4.45m, up a little over 2% year...
Ivanti Patches Zero-Day Bug Used in Norway Attacks
A major security breach at the Norwegian government announced yesterday has been traced back to a zero-day vulnerability in an Ivanti...
Critical Flaws Found in Microsoft Message Queuing Service
Three vulnerabilities have been discovered within the Microsoft Message Queuing (MSMQ) service – a proprietary messaging protocol designed to enable secure...
UK Government Report Finds Cybersecurity Skills Gap Stagnant
The UK Government’s Cyber Security Skills in the UK Labour Market 2023 report shows a staggering 50% of all UK...
North Korean Cyber Group Suspected in JumpCloud Breach
A North Korean threat actor has been allegedly linked to a breach targeting JumpCloud, a zero-trust directory platform service used...
Decoy Dog Malware Upgraded to Include New Features
Infoblox has unveiled crucial updates on the “Decoy Dog” remote access trojan (RAT) toolkit in a new threat report published today. Initially...
US-CERT Vulnerability Summary for the Week of July 17, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infooliva_expertise -- oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL...
How is the Dark Web Reacting to the AI Revolution?
A quick search for “ChatGPT” on the dark web and Telegram shows 27,912 mentions in the past six months. Much...
Norwegian government IT systems hacked using zero-day flaw
The Norwegian government is warning that its ICT platform used by 12 ministries has suffered a cyberattack after hackers exploited...
Zenbleed attack leaks sensitive data from AMD Zen2 processors
Google's security researcher Tavis Ormandy discovered a new vulnerability impacting AMD Zen2 CPUs that could allow a malicious actor to...
Ivanti patches MobileIron zero-day bug exploited in attacks
US-based IT software company Ivanti has patched an actively exploited zero-day vulnerability impacting its Endpoint Manager Mobile (EPMM) mobile device management...
JumpCloud hack linked to North Korea after OPSEC mistake
A hacking unit of North Korea's Reconnaissance General Bureau (RGB) was linked to the JumpCloud breach after the attackers made...
Lazarus hackers hijack Microsoft IIS servers to spread malware
The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for...
Flipper Zero now has an app store to install third-party apps
The Flipper Zero team has launched its very own 'Flipper Apps' mobile app store, allowing mobile users to install 3rd-party...
Apple Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
Thousands of Citrix Servers Exposed to Zero-Day Bug
Over 15,000 Citrix servers worldwide are at risk of compromise unless administrators patch urgently, a leading security non-profit has warned.The...
Clop Could Make $100m from MOVEit Campaign
The notorious Clop ransomware gang may earn as much as $100m from its recent data extortion campaign, after a small...
Booz Allen Pays $377m to Settle Government Fraud Case
A leading US government contractor has agreed to pay a massive $377.5m to resolve allegations of procurement fraud – one...
