GitLab ‘strongly recommends’ patching max severity flaw ASAP
GitLab has released an emergency security update, version 16.0.1, to address a maximum severity (CVSS v3.1 score: 10.0) path traversal...
News
US-CERT Vulnerability Summary for the Week of May 15, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Iranian Tortoiseshell Hackers Targeting Israeli Logistics Industry
At least eight websites associated with shipping, logistics, and financial services companies in Israel were targeted as part of a...
What to Look for When Selecting a Static Application Security Testing (SAST) Solution
If you're involved in securing the applications your organization develops, there is no question that Static Application Security Testing (SAST)...
Legion Malware Upgraded to Target SSH Servers and AWS Credentials
An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web...
Data Stealing Malware Discovered in Popular Android Screen Recorder App
Google has removed a screen recording app named "iRecorder - Screen Recorder" from the Play Store after it was found...
N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services (IIS) servers as an initial...
E.U. Regulators Hit Meta with Record $1.3 Billion Fine for Data Transfer Violations
Facebook's parent company Meta has been fined a record $1.3 billion by European Union data protection regulators for transferring the...
Cyber Attacks Strike Ukraine’s State Bodies in Espionage Operation
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting state bodies in the country as...
Cuba ransomware claims cyberattack on Philadelphia Inquirer
The Cuba ransomware gang has claimed responsibility for this month's cyberattack on The Philadelphia Inquirer, which temporarily disrupted the newspaper's...
Arms maker Rheinmetall confirms BlackBasta ransomware attack
German automotive and arms manufacturer Rheinmetall AG confirms that it suffered a BlackBasta ransomware attack that impacted its civilian business....
GoldenJackal state hackers silently attacking govts since 2019
Image: Bing Create A relatively unknown advanced persistent threat (APT) group named 'GoldenJackal' has been targeting government and diplomatic entities...
New AhRat Android malware hidden in app with 50,000 installs
Image: Bing Image Creator ESET malware researchers found a new remote access trojan (RAT) on the Google Play Store, hidden...
IT employee impersonates ransomware gang to extort employer
A 28-year-old United Kingdom man from Fleetwood, Hertfordshire, has been convicted of unauthorized computer access with criminal intent and blackmailing...
US sanctions orgs behind North Korea’s ‘illicit’ IT worker army
The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions today against four entities and one individual for their...
US-CERT Vulnerability Summary for the Week of May 8, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Are Your APIs Leaking Sensitive Data?
It's no secret that data leaks have become a major concern for both citizens and institutions across the globe. They...
GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments
Government and diplomatic entities in the Middle East and South Asia are the target of a new advanced persistent threat...
North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware
The North Korean advanced persistent threat (APT) group known as Kimsuky has been observed using a piece of custom malware...
Are Your APIs Leaking Sensitive Data?
It's no secret that data leaks have become a major concern for both citizens and institutions across the globe. They...
New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East
An unknown threat actor has been observed leveraging a malicious Windows kernel driver in attacks likely targeting the Middle East...
The Rising Threat of Secrets Sprawl and the Need for Action
The most precious asset in today's information age is the secret safeguarded under lock and key. Regrettably, maintaining secrets has...
Are Your APIs Leaking Sensitive Data?
It's no secret that data leaks have become a major concern for both citizens and institutions across the globe. They...
Are Your APIs Leaking Sensitive Data?
It's no secret that data leaks have become a major concern for both citizens and institutions across the globe. They...
