CISA orders govt agencies to patch bugs exploited by Russian hackers
On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six more security flaws to its known exploited vulnerabilities...
News
Microsoft: Hackers hijack Linux systems using trojanized OpenSSH version
Microsoft says Internet-exposed Linux and Internet of Things (IoT) devices are being hijacked in brute-force attacks as part of a...
Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices
A variant of the Mirai botnet is targeting almost two dozen vulnerabilities aiming to take control of D-Link, Arris, Zyxel,...
MULTI#STORM Campaign Targets India and U.S. with Remote Access Trojans
A new phishing campaign codenamed MULTI#STORM has set its sights on India and the U.S. by leveraging JavaScript files to...
Camaro Dragon Hackers Strike with USB-Driven Self-Propagating Malware
The Chinese cyber espionage actor known as Camaro Dragon has been observed leveraging a new strain of self-propagating malware that...
Generative-AI apps & ChatGPT: Potential risks and mitigation strategies
Losing sleep over Generative-AI apps? You're not alone or wrong. According to the Astrix Security Research Group, mid size organizations...
Startup Security Tactics: Friction Surveys
When we do quarterly planning, my team categorizes our goals within four evergreen outcomes: Reduce the risk of information security...
Alert: Million of GitHub Repositories Likely Vulnerable to RepoJacking Attack
Millions of software repositories on GitHub are likely vulnerable to an attack called RepoJacking, a new study has revealed. This...
Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari
Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set...
Unveiling the Unseen: Identifying Data Exfiltration with Machine Learning
Why Data Exfiltration Detection is Paramount?# The world is witnessing an exponential rise in ransomware and data theft employed to...
Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites
A critical security flaw has been disclosed in the WordPress "Abandoned Cart Lite for WooCommerce" plugin that's installed on more...
Startup Security Tactics: Friction Surveys
When we do quarterly planning, my team categorizes our goals within four evergreen outcomes: Reduce the risk of information security...
Threats and key takeaways for the legal sector
Threats and key takeaways for the legal sector A new https://www.ncsc.gov.uk/report/cyber-threat-report-uk-legal-sector" target="_self">threat report published today reveals why the legal sector...
Protecting how you administer cloud services
Protecting how you administer cloud services No matter which cloud service you choose, there are two aspects of your security...
Chinese APT15 hackers resurface with new Graphican malware
The Chinese state-sponsored hacking group tracked as APT15 has been observed using a novel backdoor named 'Graphican' in a new...
iOttie discloses data breach after site hacked to steal credit cards
Car mount and mobile accessory maker iOttie warns that its site was compromised for almost two months to steal online...
UPS discloses data breach after exposed customer info used in SMS phishing
Multinational shipping company UPS is alerting Canadian customers that some of their personal information might have been exposed via its...
Exploit released for Cisco AnyConnect bug giving SYSTEM privileges
Proof-of-concept exploit code is now available for a high-severity flaw in Cisco Secure Client Software for Windows (formerly AnyConnect Secure...
FTC: Amazon trapped millions into hard-to-cancel Prime memberships
The Federal Trade Commission (FTC) says Amazon allegedly used dark patterns to trick millions of users into enrolling in its...
The Great Exodus to Telegram: A Tour of the New Cybercrime Underground
The world of cybercrime is moving quickly. Threat actors, ransomware gangs, malware developers, and others are increasingly and rapidly moving...
US-CERT Vulnerability Summary for the Week of June 5, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
ScarCruft Hackers Exploit Ably Service for Stealthy Wiretapping Attacks
The North Korean threat actor known as ScarCruft has been observed using an information-stealing malware with previous undocumented wiretapping features...
Startup Security Tactics: Friction Surveys
When we do quarterly planning, my team categorizes our goals within four evergreen outcomes: Reduce the risk of information security...
New Report Exposes Operation Triangulation’s Spyware Implant Targeting iOS Devices
More details have emerged about the spyware implant that's delivered to iOS devices as part of a campaign called Operation...
