IT Security Pro Jailed for Attempted Extortion
A former IT security analyst has been jailed for three years and seven months after attempting to extort his employer,...
News
WooCommerce Bug Exploited in Targeted WordPress Attacks
Security researchers have recorded over one million attempts to compromise a popular WordPress plugin over the past few days.Wordfence said...
Suspected Scareware Fraudster Arrested After Decade on the Run
A suspected scammer who used scareware to trick hundreds of thousands of global victims into handing over money has been...
New Vulnerabilities Found in Adobe ColdFusion
Security researchers from Rapid7 have found active exploitation of multiple vulnerabilities in Adobe ColdFusion, a web development computing platform.On July...
JumpCloud Confirms Data Breach By Nation-State Actor
Identity and access management solutions provider JumpCloud has revealed on July 12, 2023, that it was the target of a security...
drIBAN Fraud Operations Target Corporate Banking Customers
Threat actors have extensively been using a sophisticated web-inject kit called drIBAN to orchestrate fraudulent attacks on corporate banking institutions...
CISA Unveils Guide to Aid Firms Transition to Cloud Security
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a comprehensive factsheet on July 17, 2023, to assist businesses...
US-CERT Vulnerability Summary for the Week of July 10, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoelra -- parkmatikImproper Neutralization of Special Elements used in an SQL Command...
JumpCloud discloses breach by state-backed APT hacking group
US-based enterprise software firm JumpCloud says a state-backed hacking group breached its systems almost one month ago as part of...
Frontline Security Practitioners Reveal the Latest About AI
Mark your calendar for mWISE™, the uniquely targeted, community-focused cybersecurity conference from Mandiant. It runs from September 18–20, 2023 in...
Meet NoEscape: Avaddon ransomware gang’s likely successor
The new NoEscape ransomware operation is believed to be a rebrand of Avaddon, a ransomware gang that shut down and...
CISA shares free tools to help secure data in the cloud
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shared a factsheet providing details on free tools and guidance for...
Police arrests Ukrainian scareware developer after 10-year hunt
The Spanish National Police has apprehended a Ukrainian national wanted internationally for his involvement in a scareware operation spanning from...
IT worker jailed for impersonating ransomware gang to extort employer
28-year-old Ashley Liles, a former IT employee, has been sentenced to over three years in prison for attempting to blackmail...
Critical ColdFusion flaws exploited in attacks to drop webshells
Update 7/17/23: The article was updated due to a mistaken warning added by Adobe to its email notification. However, a...
Hackers exploiting critical WordPress WooCommerce Payments bug
Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators,...
Sorillus RAT and Phishing Attacks Exploit Google Firebase Hosting
Attackers have been observed using the notorious Sorillus remote access trojan (RAT) and phishing attacks to exploit Google Firebase Hosting infrastructure.The...
BreachForums Admin Pleads Guilty to Hacking Charges
Conor Brian Fitzpatrick, famously known as "Pompompurin," has entered a guilty plea for hacking charges in the United States District...
Ukraine’s CERT-UA Exposes Gamaredon’s Rapid Data Theft Methods
The Ukrainian government's Computer Emergency Response Team (CERT-UA) has recently unveiled the rapid data theft methods of the APT known...
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
Russian Charged with Tech Smuggling and Money Laundering
A Russian security agent has been charged with smuggling ammunition and dual-use technology, including various electronics which helped the Kremlin...
EU Urged to Prepare for Quantum Cyber-Attacks
A new discussion paper has set out recommendations for the European Union (EU) on how to ensure member states are...
Acting White House Cyber Director Withdraws Nomination
The acting US national cyber director has reportedly withdrawn her name for consideration for the permanent role because she was...
Health Tech Vendor to Pay $31m After Kickback Allegations
A US provider of healthcare software has agreed to pay $31m to settle allegations it broke the False Claims Act...
