JumpCloud hack linked to North Korea after OPSEC mistake
A hacking unit of North Korea's Reconnaissance General Bureau (RGB) was linked to the JumpCloud breach after the attackers made...
News
Lazarus hackers hijack Microsoft IIS servers to spread malware
The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for...
Flipper Zero now has an app store to install third-party apps
The Flipper Zero team has launched its very own 'Flipper Apps' mobile app store, allowing mobile users to install 3rd-party...
Apple Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
Thousands of Citrix Servers Exposed to Zero-Day Bug
Over 15,000 Citrix servers worldwide are at risk of compromise unless administrators patch urgently, a leading security non-profit has warned.The...
Clop Could Make $100m from MOVEit Campaign
The notorious Clop ransomware gang may earn as much as $100m from its recent data extortion campaign, after a small...
Booz Allen Pays $377m to Settle Government Fraud Case
A leading US government contractor has agreed to pay a massive $377.5m to resolve allegations of procurement fraud – one...
Tampa General Hospital Data Breach Impacts 1.2 Million Patients
Tampa General Hospital (TGH) has revealed a data breach that may have affected the information of approximately 1.2 million patients.Writing...
Biden-Harris Administration Secures AI Commitments For Safety
The Biden-Harris Administration has taken a new step towards ensuring the responsible development of artificial intelligence (AI) technology by securing...
Novel Open Source Supply Chain Attacks Target Banking Sector
Application security provider Checkmarx has identified what it described as the first open source software supply chain attacks targeting the...
Cyber-Attack Strikes Norwegian Government Ministries
Norway’s government has reported that twelve of its ministries have fallen victim to a cyber-attack. At a press conference earlier today,...
US-CERT Vulnerability Summary for the Week of July 10, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoelra -- parkmatikImproper Neutralization of Special Elements used in an SQL Command...
CISA warns govt agencies to patch Adobe ColdFusion servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on...
Clop now leaks data stolen in MOVEit attacks on clearweb sites
The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims,...
Over 15K Citrix servers vulnerable to CVE-2023-3519 RCE attacks
Thousands of Citrix Netscaler ADC and Gateway servers exposed online are vulnerable to attacks exploiting a critical remote code execution...
US-CERT Vulnerability Summary for the Week of July 10, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoelra -- parkmatikImproper Neutralization of Special Elements used in an SQL Command...
Stolen Microsoft key offered widespread access to Microsoft cloud services
The Microsoft consumer signing key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and...
Over 15K Citrix servers likely vulnerable to CVE-2023-3519 attacks
Thousands of Citrix Netscaler ADC and Gateway servers exposed online are likely vulnerable against a critical remote code execution (RCE)...
US-CERT Vulnerability Summary for the Week of July 10, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoelra -- parkmatikImproper Neutralization of Special Elements used in an SQL Command...
Netscaler ADC bug exploited to breach US critical infrastructure org
The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector...
VirusTotal apologizes for data leak affecting 5,600 customers
VirusTotal apologized on Friday for leaking the information of over 5,600 customers after an employee mistakenly uploaded a CSV file...
The Week in Ransomware – July 21st 2023 – Avaddon Back as NoEscape
This edition of the Week in Ransomware covers the last two weeks of news, as we could not cover it...
Stolen Azure AD key offered widespread access to Microsoft cloud services
The Microsoft private encryption key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and...
Clop gang to earn over $75 million from MOVEit extortion attacks
The Clop ransomware gang is expected to earn between $75-100 million from extorting victims of their massive MOVEit data theft...
