Royal ransomware gang adds BlackSuit encryptor to their arsenal
Image: Bing Create The Royal ransomware gang has begun testing a new encryptor called BlackSuit that shares many similarities with...
News
Why cybersecurity needs a conference like mWISE
Let’s talk about cybersecurity’s silo problem. First, industry divides are weighing on practitioners. According to ISSA, 77% of infosec pros...
Clop ransomware likely testing MOVEit zero-day since 2021
The Clop ransomware gang has been looking for ways to exploit a now-patched zero-day in the MOVEit Transfer managed file...
Google Chrome password manager gets new safeguards for your credentials
Google Chrome is getting new security-enhancing features for the built-in Password Manager, making it easier for users to manage their...
Asylum Ambuscade hackers mix cybercrime with espionage
A hacking group tracked as 'Asylum Ambuscade' was observed in recent attacks targeting small to medium-sized companies worldwide, combining cyber...
PoC released for Windows Win32k bug exploited in attacks
Researchers have released a proof-of-concept (PoC) exploit for an actively exploited Windows local privilege escalation vulnerability fixed as part of...
Japanese pharma giant Eisai discloses ransomware attack
Pharmaceutical company Eisai has disclosed it suffered a ransomware incident that impacted its operations, admitting that attackers encrypted some of...
US-CERT Vulnerability Summary for the Week of May 29, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
How to Improve Your API Security Posture
APIs, more formally known as application programming interfaces, empower apps and microservices to communicate and share data. However, this level...
Clop Ransomware Gang Likely Aware of MOVEit Transfer Vulnerability Since 2021
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have published a joint advisory regarding...
How to Improve Your API Security Posture
APIs, more formally known as application programming interfaces, empower apps and microservices to communicate and share data. However, this level...
Experts Unveil Exploit for Recent Windows Vulnerability Under Active Exploitation
Details have emerged about a now-patched actively exploited security flaw in Microsoft Windows that could be abused by a threat...
Clop Ransomware Gang Likely Exploiting MOVEit Transfer Vulnerability Since 2021
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have published a joint advisory regarding...
Barracuda Urges Immediate Replacement of Hacked ESG Appliances
Enterprise security company Barracuda is now urging customers who were impacted by a recently disclosed zero-day flaw in its Email...
Urgent Security Updates: Cisco and VMware Address Critical Vulnerabilities
VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in...
Kimsuky Targets Think Tanks and News Media with Social Engineering Attacks
The North Korean nation-state threat actor known as Kimsuky has been linked to a social engineering campaign targeting experts in...
New cloud security guidance: it’s all about the config
New cloud security guidance: it's all about the config The https://www.ncsc.gov.uk/blog-post/relaunching-the-ncscs-cloud-security-guidance-collection" target="_self">Cloud security guidance that we relaunched last year focuses...
EC-Council’s Certified CISO Hall of Fame Report 2023 shows Cloud Security as Top Concern
A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by EC-Council identified 4...
VMware fixes critical vulnerabilities in vRealize network analytics tool
VMware issued multiple security patches today to address critical and high-severity vulnerabilities in VMware Aria Operations for Networks, allowing attackers...
Android security update fixes Mali GPU bug exploited as zero-day
Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with...
CEO guilty of selling counterfeit Cisco devices to military, govt orgs
A Florida man has pleaded guilty to importing and selling counterfeit Cisco networking equipment to various organizations, including education, government...
New Fractureiser malware used CurseForge Minecraft mods to infect Windows, Linux
Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new 'Fractureiser' information-stealing malware through uploaded modifications...
Honda API flaws exposed customer data, dealer panels, internal docs
Honda's e-commerce platform for power equipment, marine, lawn & garden, was vulnerable to unauthorized access by anyone due to API...
Cisco fixes AnyConnect bug giving Windows SYSTEM privileges
Cisco has fixed a high-severity vulnerability found in Cisco Secure Client (formerly AnyConnect Secure Mobility Client) software that can let...
