Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress
Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated...
News
Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East
Unnamed government entities in the Middle East and Malaysia are the target of a persistent cyber campaign orchestrated by a...
Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues
Veeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical...
U.S. Seizes 32 Pro-Russian Propaganda Domains in Major Disinformation Crackdown
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 32 internet domains used by a pro-Russian propaganda...
Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore
Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from...
NIST Cybersecurity Framework (CSF) and CTEM – Better Together
It's been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created...
New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm
The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of...
Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks
Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote...
North Korean Hackers Targets Job Seekers with Fake FreeConference App
North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part...
Android Users Urged to Install Latest Security Updates to Fix Actively Exploited Flaw
Google has released its monthly security updates for the Android operating system to address a known security flaw that it...
Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers
Zyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions...
Google Confirms CVE-2024-32896 Exploited in the Wild, Releases Android Security Patch
Google has released its monthly security updates for the Android operating system to address a known security flaw that it...
Researchers Find Over 22,000 Removed PyPI Packages at Risk of Revival Hijack
A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in...
The New Effective Way to Prevent Account Takeovers
Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite...
Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database
The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm...
Hackers Use Fake GlobalProtect VPN Software in New WikiLoader Malware Attack
A new malware campaign is spoofing Palo Alto Networks' GlobalProtect VPN software to deliver a variant of the WikiLoader (aka...
Guilty Pleas in Major MFA Bypass Scheme Exposed
Three men have admitted their roles in operating a notorious website that assisted cybercriminals in bypassing multi-factor authentication (MFA) to...
TfL Addresses Cybersecurity Incident: Services Remain Unaffected
Transport for London (TfL) is currently tackling a cybersecurity incident but assures that services are still operating normally. Transport for...
Verkada Faces Penalties Over Sensitive Video Footage Breach and Security Lapses
Verkada is in hot water as the FTC highlights critical security lapses that allowed hackers to gain access to sensitive...
GlobalProtect VPN Exploited: New WikiLoader Malware Variant Discovered
Palo Alto Networks has unveiled a concerning trend where its GlobalProtect VPN software has been exploited to distribute a new...
Surge of Active Ransomware Groups by 56% in 2024: New Insights
The cybersecurity landscape is facing a significant shift as the number of active ransomware groups increased by 56% in the...
Spyware Controls Urged by Civil Rights Groups in the EU
Civil rights organizations and journalists in Europe are urgently calling for stricter regulations on spyware applications, highlighting concerns about democracy...
Password Reset Attacks Rapidly Increase, Leading to Account Takeovers
As password reset attacks soar, cybersecurity experts reveal alarming trends impacting user safety and account integrity. As many as one...
US-CERT Vulnerability Summary for the Week of August 26, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
