Android March 2023 update fixes two critical code execution flaws
Google has released March 2023 security updates for Android, fixing a total of 60 flaws, and among them, two critical-severity...
News
DuckDuckGo launches AI-powered search query answering tool
Privacy-focused search engine DuckDuckGo has launched the first beta version of DuckAssist, an AI-assisted feature that writes accurate summaries to...
Emotet malware attacks return after three-month break
The Emotet malware operation is again spamming malicious emails as of Tuesday morning after a three-month break, rebuilding its network...
Hospital Clínic de Barcelona severely impacted by ransomware attack
The Hospital Clínic de Barcelona suffered a ransomware attack on Sunday morning, severely disrupting its healthcare services after the institution's...
Pen Testers using Vulnerability Scanners – Closing the Gap
Vulnerability scanning is a common practice for businesses to verify and harden their security controls, and because of its popularity,...
New malware variant has “radio silence” mode to evade detection
The Sharp Panda cyber-espionage hacking group is targeting high-profile government entities in Vietnam, Thailand, and Indonesia with a new version of...
Veeam fixes bug that lets hackers breach backup infrastructure
Veeam urged customers to patch a high-severity Backup Service security vulnerability impacting its Backup & Replication software. The flaw (tracked...
Ransomware gang posts video of data stolen from Minneapolis schools
The Medusa ransomware gang is demanding a $1,000,000 ransom from the Minneapolis Public Schools (MPS) district to delete data allegedly...
Bitwarden flaw can let hackers steal passwords using iframes
Bitwarden's credentials autofill feature contains a risky behavior that could allow malicious iframes embedded in trusted websites to steal people's...
FBI investigates data breach impacting U.S. House members and staff
The FBI is investigating a data breach affecting U.S. House of Representatives members and staff after their account and sensitive...
Fortinet warns of new critical unauthenticated RCE vulnerability
Fortinet has disclosed a "Critical" vulnerability impacting FortiOS and FortiProxy, which allows an unauthenticated attacker to execute arbitrary code or...
Does Your Help Desk Know Who’s Calling?
Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early...
Iranian Hackers Target Women Involved in Human Rights and Middle East Politics
Iranian state-sponsored actors are continuing to engage in social engineering campaigns targeting researchers by impersonating a U.S. think tank. "Notably...
New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out...
New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access
Fortinet has released fixes to address 15 security flaws, including one critical vulnerability impacting FortiOS and FortiProxy that could enable...
Why Healthcare Can’t Afford to Ignore Digital Identity
Investing in digital identity can improve security, increase clinical productivity, and boost healthcare's bottom line. — by Gus Malezis, CEO...
Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments
High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor...
Syxsense Platform: Unified Security and Endpoint Management
As threats grow and attack surfaces get more complex, companies continue to struggle with the multitude of tools they utilize...
CISA’s KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog,...
Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks
A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to...
Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity
The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity...
Why Healthcare Can’t Afford to Ignore Digital Identity
Investing in digital identity can improve security, increase clinical productivity, and boost healthcare's bottom line. — by Gus Malezis, CEO...
SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms
Cybersecurity researchers have discovered a new information stealer dubbed SYS01stealer targeting critical government infrastructure employees, manufacturing companies, and other sectors....
Why Healthcare Can’t Afford to Ignore Digital Identity
Investing in digital identity can improve security, increase clinical productivity, and boost healthcare's bottom line. — by Gus Malezis, CEO...
