Microsoft Monthly Security Update (Jun 2019)
Updated Risk Level, Description, Source and Related Links.CVE-2019-1069 vulnerability is exploited in the wild. An elevation of privilege vulnerability exists in...
News
New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide
Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are...
Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military
A Chinese national has been indicted in the U.S. on charges of conducting a "multi-year" spear-phishing campaign to obtain unauthorized...
Why Pay A Pentester?
The evolution of software always catches us by surprise. I remember betting against the IBM computer Deep Blue during its...
Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing
Google has announced that it's rolling out a new set of features to its Chrome browser that gives users more...
North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware
A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in energy and aerospace...
GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging
The GSM Association, the governing body that oversees the development of the Rich Communications Services (RCS) protocol, on Tuesday, said...
Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution
Broadcom on Tuesday released updates to address a critical security flaw impacting VMware vCenter Server that could pave the way...
Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense
Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of...
Meta to Train AI Models Using Public U.K. Facebook and Instagram Posts
Meta has announced that it will begin training its artificial intelligence (AI) systems using public content shared by adult users...
U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation
The U.S. Department of Treasury has imposed fresh sanctions against five executives and one entity with ties to the Intellexa...
Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users
Cryptocurrency exchange Binance is warning of an "ongoing" global threat that's targeting cryptocurrency users with clipper malware with the goal...
How to Investigate ChatGPT activity in Google Workspace
Since launching ChatGPT in 2022, OpenAI has defied expectations with a steady stream of product announcements and enhancements. One such...
SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks
SolarWinds has released fixes to address two security flaws in its Access Rights Manager (ARM) software, including a critical vulnerability...
US-CERT Vulnerability Summary for the Week of September 9, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
From Breach to Recovery: Designing an Identity-Focused Incident Response Playbook
Imagine this... You arrive at work to a chaotic scene. Systems are down, panic is in the air. The culprit?...
Master Your PCI DSS v4 Compliance with Innovative Smart Approvals
The PCI DSS landscape is evolving rapidly. With the Q1 2025 deadline looming ever larger, businesses are scrambling to meet...
Google Fixes GCP Composer Flaw That Could’ve Led to Remote Code Execution
A now-patched critical security flaw impacting Google Cloud Platform (GCP) Composer could have been exploited to achieve remote code execution...
North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware
Cybersecurity researchers are continuing to warn about North Korean threat actors' attempts to target prospective victims on LinkedIn to deliver...
Apple Drops Spyware Case Against NSO Group, Citing Risk of Threat Intelligence Exposure
Apple has filed a motion to "voluntarily" dismiss its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk...
Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks
Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login...
Microsoft Monthly Security Update (September 2024)
Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesSQL Server Medium RiskRemote Code Execution Information Disclosure Elevation of...
Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability
Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation...
UK ICO and NCA Memorandum: Strengthening Cybersecurity and Reporting
In a significant move to enhance cybersecurity in the UK, the Information Commissioner’s Office (ICO) has partnered with the National...
