Microsoft fixes Azure AD auth flaw enabling account takeover
Microsoft has addressed an Azure Active Directory (Azure AD) authentication flaw that could allow threat actors to escalate privileges and...
News
VMware warns of critical vRealize flaw exploited in attacks
VMware updated a security advisory published two weeks ago to warn customers that a now-patched critical vulnerability allowing remote code...
Hackers warn University of Manchester students’ of imminent data leak
Image: Ax Sharma The ransomware operation behind a cyberattack on the University of Manchester has begun to email students, warning...
US-CERT Vulnerability Summary for the Week of June 5, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
SaaS in the Real World: How Global Food Chains Can Secure Their Digital Dish
The Quick Serve Restaurant (QSR) industry is built on consistency and shared resources. National chains like McDonald's and regional ones...
Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products
Three security vulnerabilities have been disclosed in operational technology (OT) products from Wago and Schneider Electric. The flaws, per Forescout,...
SaaS in the Real World: How Global Food Chains Can Secure Their Digital Dish
The Quick Serve Restaurant (QSR) industry is built on consistency and shared resources. National chains like McDonald's and regional ones...
Zyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices
Zyxel has rolled out security updates to address a critical security flaw in its network-attached storage (NAS) devices that could...
Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web Marketplaces
Over 101,100 compromised OpenAI ChatGPT account credentials have found their way on illicit dark web marketplaces between June 2022 and...
SaaS in the Real World: How Global Food Chains Can Secure Their Digital Dish
The Quick Serve Restaurant (QSR) industry is built on consistency and shared resources. National chains like McDonald's and regional ones...
ASUS Releases Patches to Fix Critical Security Bugs Impacting Multiple Router Models
Taiwanese company ASUS on Monday released firmware updates to address, among other issues, nine security bugs impacting a wide range...
Experts Uncover Year-Long Cyber Attack on IT Firm Utilizing Custom Malware RDStealer
A highly targeted cyber attack against an East Asian IT company involved the deployment of a custom malware written in...
Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign
Individuals in the Pakistan region have been targeted using two rogue Android apps available on the Google Play Store as...
Activities in the Cybercrime Underground Require a New Approach to Cybersecurity
As Threat Actors Continuously Adapt their TTPs in Today's Threat Landscape, So Must You Earlier this year, threat researchers at...
Early Warning is joining MyNCSC
Early Warning is joining MyNCSC Recap of Early Warning Existing users will know that https://www.ncsc.gov.uk/information/early-warning-service" target="_self">Early Warning is a threat-notification...
Android spyware camouflaged as VPN, chat apps on Google Play
Three Android apps on Google Play were used by state-sponsored threat actors to collect intelligence from targeted devices, such as...
Iowa’s largest school district confirms ransomware attack, data theft
Des Moines Public Schools, Iowa's largest school district, confirmed today that a ransomware attack was behind an incident that forced...
ASUS urges customers to patch critical router vulnerabilities
ASUS has released new firmware with cumulative security updates that address vulnerabilities in multiple router models, warning customers to immediately...
Hackers use fake OnlyFans pics to drop info-stealing malware
A malware campaign is using fake OnlyFans content and adult lures to install a remote access trojan known as 'DcRAT,'...
US-CERT Vulnerability Summary for the Week of June 5, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
New Mystic Stealer Malware Targets 40 Web Browsers and 70 Browser Extensions
A new information-stealing malware called Mystic Stealer has been found to steal data from about 40 different web browsers and...
Researchers Discover New Sophisticated Toolkit Targeting Apple macOS Systems
Cybersecurity researchers have uncovered a set of malicious artifacts that they say is part of a sophisticated toolkit targeting Apple...
Activities in the Cybercrime Underground Require a New Approach to Cybersecurity
As Threat Actors Continuously Adapt their TTPs in Today's Threat Landscape, So Must You Earlier this year, threat researchers at...
Introducing AI-guided Remediation for IaC Security / KICS
While the use of Infrastructure as Code (IaC) has gained significant popularity as organizations embrace cloud computing and DevOps practices,...
