Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking
A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The...
News
US govt contractor ABB confirms ransomware attack, data theft
Swiss tech multinational and U.S. government contractor ABB has confirmed that some of its systems were impacted by a ransomware...
Mozilla stops Firefox fullscreen VPN ads after user outrage
Firefox users have been complaining about very intrusive full-screen advertisements promoting Mozilla VPN displayed in the web browser when navigating an...
BlackByte ransomware claims City of Augusta cyberattack
The city of Augusta in Georgia, U.S., has confirmed that the most recent IT system outage was caused by unauthorized access...
The Week in Ransomware – May 26th 2023 – Cities Under Attack
Ransomware gangs continue to hammer local governments in attacks, taking down IT systems and disrupting cities’ online services. Earlier this month, we...
Emby shuts down user media servers hacked in recent attack
Image: Bing Image Creator Emby says it remotely shut down an undisclosed number of user-hosted media server instances that were recently...
US-CERT Vulnerability Summary for the Week of May 15, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Severe Flaw in Google Cloud’s Cloud SQL Service Exposed Confidential Data
A new security flaw has been disclosed in the Google Cloud Platform's (GCP) Cloud SQL service that could be potentially...
Cynet Protects Hospital From Lethal Infection
A hospital with 2,000 employees in the E.U. deployed Cynet protections across its environment. The hospital was in the process...
Predator Android Spyware: Researchers Uncover New Data Theft Capabilities
Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli...
5 Must-Know Facts about 5G Network Security and Its Cloud Benefits
5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and...
Cynet Protects Hospital From Lethal Infection
A hospital with 2,000 employees in the E.U. deployed Cynet protections across its environment. The hospital was in the process...
Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances
Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been...
Cynet Protects Hospital From Lethal Infection
A hospital with 2,000 employees in the E.U. deployed Cynet protections across its environment. The hospital was in the process...
New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed....
New cyber security training packages launched to manage supply chain risk
New cyber security training packages launched to manage supply chain risk The NCSC are delighted to launch https://www.ncsc.gov.uk/guidance/mapping-your-supply-chain#section_6" target="_self">two new...
‘Operation Magalenha’ targets credentials of 30 Portuguese banks
A Brazilian hacking group has been targeting thirty Portuguese government and private financial institutions since 2021 in a malicious campaign...
New Buhti ransomware gang uses leaked Windows, Linux encryptors
A new ransomware operation named 'Buhti' uses the leaked code of the LockBit and Babuk ransomware families to target Windows...
Zyxel warns of critical vulnerabilities in firewall and VPN devices
Zyxel is warning customers of two critical-severity vulnerabilities in several of its firewall and VPN products that attackers could leverage without authentication....
Microsoft 365 phishing attacks use encrypted RPMSG messages
Attackers are now using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts to steal Microsoft credentials in targeted phishing attacks designed...
New Russian-linked CosmicEnergy malware targets industrial systems
Mandiant security researchers have discovered a new malware called CosmicEnergy designed to disrupt industrial systems and linked to Russian cybersecurity...
D-Link fixes auth bypass and RCE flaws in D-View 8 software
D-Link has fixed two critical-severity vulnerabilities in its D-View 8 network management suite that could allow remote attackers to bypass...
Predator: Looking under the hood of Intellexa’s Android spyware
Image: Bing Create Security researchers at Cisco Talos and the Citizen Lab have presented a new technical analysis of the...
What’s a Double-Blind Password Strategy and When Should It Be Used
Password security, like threat actor methods, continues to evolve. As computing power grows, previously best-practice passwords become increasingly vulnerable. Password...
