Urgent Security Updates: Cisco and VMware Address Critical Vulnerabilities
VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in...
News
Kimsuky Targets Think Tanks and News Media with Social Engineering Attacks
The North Korean nation-state threat actor known as Kimsuky has been linked to a social engineering campaign targeting experts in...
New cloud security guidance: it’s all about the config
New cloud security guidance: it's all about the config The https://www.ncsc.gov.uk/blog-post/relaunching-the-ncscs-cloud-security-guidance-collection" target="_self">Cloud security guidance that we relaunched last year focuses...
EC-Council’s Certified CISO Hall of Fame Report 2023 shows Cloud Security as Top Concern
A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by EC-Council identified 4...
VMware fixes critical vulnerabilities in vRealize network analytics tool
VMware issued multiple security patches today to address critical and high-severity vulnerabilities in VMware Aria Operations for Networks, allowing attackers...
CEO guilty of selling counterfeit Cisco devices to military, govt orgs
A Florida man has pleaded guilty to importing and selling counterfeit Cisco networking equipment to various organizations, including education, government...
Android security update fixes Mali GPU bug exploited as zero-day
Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with...
New Fractureiser malware used CurseForge Minecraft mods to infect Windows, Linux
Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new 'Fractureiser' information-stealing malware through uploaded modifications...
Honda API flaws exposed customer data, dealer panels, internal docs
Honda's e-commerce platform for power equipment, marine, lawn & garden, was vulnerable to unauthorized access by anyone due to API...
Cisco fixes AnyConnect bug giving Windows SYSTEM privileges
Cisco has fixed a high-severity vulnerability found in Cisco Secure Client (formerly AnyConnect Secure Mobility Client) software that can let...
Barracuda says hacked ESG appliances must be replaced immediately
Image: Bing Image Creator Email and network security company Barracuda warns customers they must replace Email Security Gateway (ESG) appliances...
Lazarus hackers linked to the $35 million Atomic Wallet heist
The notorious North Korean hacking group known as Lazarus has been linked to the recent Atomic Wallet hack, resulting in...
US-CERT Vulnerability Summary for the Week of May 29, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Microsoft to Pay $20 Million Penalty for Illegally Collecting Kids’ Data on Xbox
Microsoft has agreed to pay a penalty of $20 million to settle U.S. Federal Trade Commission (FTC) charges that the...
Winning the Mind Game: The Role of the Ransomware Negotiator
Get exclusive insights from a real ransomware negotiator who shares authentic stories from network hostage situations and how he managed...
New PowerDrop Malware Targeting U.S. Aerospace Industry
An unknown threat actor has been observed targeting the U.S. aerospace industry with a new PowerShell-based malware called PowerDrop. "PowerDrop...
Google fixes new Chrome zero-day flaw with exploit in the wild
Google has released a security update for Chrome web browser to address the third zero-day vulnerability that hackers exploited this year....
Android security update fixes Mali GPU flaw exploited by spyware
Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with...
Sextortionists are making AI nudes from your social media images
The Federal Bureau of Investigation (FBI) is warning of a rising trend of malicious actors creating deepfake content to perform...
Dissecting the Dark Web Supply Chain: Stealer Logs in Context
Stealer logs represent one of the primary threat vectors for modern companies. However, many security teams are still focused on...
New ‘PowerDrop’ PowerShell malware targets U.S. aerospace industry
A new PowerShell malware script named 'PowerDrop' has been discovered to be used in attacks targeting the U.S. aerospace defense...
Over 60,000 Android apps secretly installed adware for past six months
Over 60,000 Android apps disguised as legitimate applications have been quietly installing adware on mobile devices while remaining undetected for...
US-CERT Vulnerability Summary for the Week of May 29, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
New Malware Campaign Leveraging Satacom Downloader to Steal Cryptocurrency
A recent malware campaign has been found to leverage Satacom downloader as a conduit to deploy stealthy malware capable of...
