Hackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices
Threat actors are actively exploiting an unpatched five-year-old flaw impacting TBK digital video recording (DVR) devices, according to an advisory...
News
CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an Industrial Control Systems (ICS) advisory about a critical...
Why Telecoms Struggle with SaaS Security
The telecom industry has always been a tantalizing target for cybercriminals. The combination of interconnected networks, customer data, and sensitive...
How To Secure Web Applications Against AI-assisted Cyber Attacks
Artificial intelligence (AI) has brought forth a new era of innovation, with its transformative impact being felt across various industries...
Police operation ‘SpecTor’ arrests 288 dark web drug vendors and buyers
An international law enforcement operation codenamed 'SpecTor' has arrested 288 dark web vendors and customers worldwide, with police seizing €50.8...
1Password explains scary Secret Key and password change alerts
1Password says a recent incident that caused customers to receive notifications about changed passwords was the result of service disruption...
Hackers exploit 5-year-old unpatched flaw in TBK DVR devices
Hackers are actively exploiting an unpatched 2018 authentication bypass vulnerability in exposed TBK DVR (digital video recording) devices. DVRs are...
Level Finance crypto exchange hacked after two security audits
Hackers exploited a Level Finance smart contract vulnerability to drain 214,000 LVL tokens from the decentralized exchange and swapped them...
FBI seizes 9 crypto exchanges used to launder ransomware payments
The FBI and Ukrainian police have seized nine cryptocurrency exchange websites that facilitated money laundering for scammers and cybercriminals, including...
US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software
Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol (BGP) that could be weaponized to...
Why Telecoms Struggle with SaaS Security
The telecom industry has always been a tantalizing target for cybercriminals. The combination of interconnected networks, customer data, and sensitive...
Why Telecoms Struggle with SaaS Security
The telecom industry has always been a tantalizing target for cybercriminals. The combination of interconnected networks, customer data, and sensitive...
BouldSpy Android Spyware: Iranian Government’s Alleged Tool for Spying on Minority Groups
A new Android surveillanceware possibly used by the Iranian government has been used to spy on over 300 individuals belonging...
LOBSHOT: A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads
In yet another instance of how threat actors are abusing Google Ads to serve malware, a threat actor has been...
Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based...
North Korea’s ScarCruft Deploys RokRAT Malware via LNK File Infection Chains
The North Korean threat actor known as ScarCruft began experimenting with oversized LNK files as a delivery route for RokRAT...
Hackers leak images to taunt Western Digital’s cyberattack response
The ALPHV ransomware operation, aka BlackCat, has published screenshots of internal emails and video conferences stolen from Western Digital, indicating...
New LOBSHOT malware gives hackers hidden VNC access to Windows devices
A new malware known as ‘LOBSHOT’ distributed using Google ads allows threat actors to stealthily take over infected Windows devices...
T-Mobile discloses second data breach since the start of 2023
T-Mobile disclosed the second data breach of 2023 after discovering that attackers had access to the personal information of hundreds...
US-CERT Vulnerability Summary for the Week of April 17, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
New Decoy Dog Malware Toolkit Uncovered: Targeting Enterprise Networks
An analysis of over 70 billion DNS records has led to the discovery of a new sophisticated malware toolkit dubbed...
APT28 Targets Ukrainian Government Entities with Fake “Windows Update” Emails
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various...
Vietnamese Threat Actor Infects 500,000 Devices Using ‘Malverposting’ Tactics
A Vietnamese threat actor has been attributed as behind a "malverposting" campaign on social media platforms to infect over 500,000...
