Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis
Google's cloud division is following in the footsteps of Microsoft with the launch of Security AI Workbench that leverages generative...
News
Modernizing Vulnerability Management: The Move Toward Exposure Management
Managing vulnerabilities in the constantly evolving technological landscape is a difficult task. Although vulnerabilities emerge regularly, not all vulnerabilities present...
Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware
A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket. "...
Google Authenticator App Gets Cloud Backup Feature for TOTP Codes
Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an...
Yellow Pages Canada confirms cyber attack as Black Basta leaks data
Yellow Pages Group, a Canadian directory publisher has confirmed to BleepingComputer that it has been hit by a cyber attack. Black...
Microsoft 365 search outage affects Outlook, Teams, and SharePoint
Microsoft is investigating an ongoing issue preventing some customers from using the search functionality across multiple Microsoft 365 services. The...
Exploit released for PaperCut flaw abused to hijack servers, patch now
Attackers are exploiting severe vulnerabilities in the widely-used PaperCut MF/NG print management software to install Atera remote management software to...
APC warns of critical unauthenticated RCE flaws in UPS software
APC's Easy UPS Online Monitoring Software is vulnerable to unauthenticated arbitrary remote code execution, allowing hackers to take over devices...
KuCoin’s Twitter account hacked to promote crypto scam
KuCoin's Twitter account was hacked, allowing attackers to promote a fake giveaway scam that led to the theft of over...
Intel CPUs vulnerable to new transient execution side-channel attack
A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the...
VirusTotal now has an AI-powered malware analysis feature
VirusTotal announced on Monday the launch of a new artificial intelligence-based code analysis feature named Code Insight. The new feature...
US-CERT Vulnerability Summary for the Week of April 10, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering
The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh...
Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack
Threat actors are employing a previously undocumented "defense evasion tool" dubbed AuKill that's designed to disable endpoint detection and response...
Study: 84% of Companies Use Breached SaaS Applications – Here’s How to Fix it for Free!
A recent review by Wing Security, a SaaS security company that analyzed the data of over 500 companies, revealed some...
Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites
Threat actors have been observed leveraging a legitimate but outdated WordPress plugin to surreptitiously backdoor websites as part of an...
New All-in-One “EvilExtractor” Stealer for Windows Systems Surfaces on the Dark Web
A new "all-in-one" stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors...
Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers
Print management software provider PaperCut said that it has "evidence to suggest that unpatched servers are being exploited in the...
Hackers can breach networks using data on resold corporate routers
Enterprise-level network equipment on the secondary market hide sensitive data that hackers could use to breach corporate environments or to...
Decoy Dog malware toolkit found after analyzing 70 billion DNS queries
A new enterprise-targeting malware toolkit called ‘Decoy Dog’ has been discovered after inspecting anomalous DNS traffic that is distinctive from...
US-CERT Vulnerability Summary for the Week of April 10, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Google ads push BumbleBee malware used by ransomware gangs
The enterprise-targeting Bumblebee malware is distributed through Google Ads and SEO poisoning that promote popular software like Zoom, Cisco AnyConnect,...
EvilExtractor malware activity spikes in Europe and the U.S.
Researchers are seeing a rise in attacks spreading the EvilExtractor data theft tool, used to steal users' sensitive data in...
GitHub now allows enabling private vulnerability reporting at scale
GitHub announced that private vulnerability reporting is now generally available and can be enabled at scale, on all repositories belonging...
