Threat actors exploit critical flaw in VMware Workspace ONE Access to drop ransomware, miners
Threat actors are exploiting a now-patched vulnerability, tracked as CVE-2022-22954, in VMware Workspace ONE Access in attacks in the wild....
News
EnergyAustralia Electricity company discloses security breach
Electricity company EnergyAustralia suffered a security breach, threat actors had access to information on 323 customers. Another Australian organization was...
Infographic: How CNAPP Consolidate Cybersecurity Tools
A cloud-native application protection platform (CNAPP) consolidates your security tools, helping development, DevOps, cloud, and security teams sort each piece...
Experts warn of CVE-2022-42889 Text4Shell exploit attempts
Wordfence researchers warn of exploitation attempts targeting the recently disclosed flaw in Apache Commons Text dubbed Text4Shell. Experts at WordPress security firm...
CISA adds Linux kernel flaw CVE-2021-3493 to its Known Exploited Vulnerabilities Catalog
CISA added a Linux kernel vulnerability, tracked as CVE-2021-3493, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security...
GUAC – A Google Open Source Project to secure software supply chain
Google launched the Graph for the Understanding Artifact Composition (GUAC) project, to secure the software supply chain. Google this week launched a...
News URSNIF variant doesn’t support banking features
A new variant of the popular Ursnif malware is used as a backdoor to deliver next-stage payloads and steal sensitive...
Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients
Healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. The US-based...
Solve the Cloud-Native App Security Puzzle with CNAPP
Explore the value of integrating cloud-native application protection into security and development. If you like the site, please consider joining...
Ransomware Insurance Security Strategies
Ransomware accounts for 75% of all cyber insurance claims yet 40% of business currently lack the coverage needed. Discover how...
Attack Surface Management 2022 Midyear Review Part 1
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the...
Experts spotted a new undetectable PowerShell Backdoor posing as a Windows update
Cybersecurity researchers warn of a new PowerShell backdoor that disguises itself as part of the Windows update process to avoid...
BlueBleed: Microsoft confirmed data leak exposing customers’ info
Microsoft disclosed a data leak, sensitive data of some of its customers were exposed by a misconfigured Microsoft server accessible...
Internet disruptions observed as Russia targets critical infrastructure in Ukraine
While the Russian army is conducting coordinated missile and drone strikes in Ukraine experts observed Internet disruptions in the country....
Brazilian police arrested a man suspected of being a member of LAPSUS$ gang
The Federal Police of Brazil arrested an individual who is suspected of being a member of the notorious LAPSUS$ extortionist...
Experts discovered millions of .git folders exposed to public
Nearly two million .git folders containing vital project information are exposed to the public, the Cybernews research team found. Original...
Text4Shell, a remote code execution bug in Apache Commons Text library
Researcher discovered a remote code execution vulnerability in the open-source Apache Commons Text library. GitHub’s threat analyst Alvaro Munoz discovered a remote...
TeamTNT Returns – or Does It?
Our honeypots caught malicious cryptocurrency miner samples targeting the cloud and containers, and its routines are reminiscent of the routines...
Researchers share of FabriXss bug impacting Azure Fabric Explorer
Cybersecurity researchers published technical details about a now-patched FabriXss flaw that impacts Azure Fabric Explorer. Orca Security researchers have released technical...
The missed link between Ransom Cartel and REvil ransomware gangs
Researchers at Palo Alto Network’s Unit 42 linked the Ransom Cartel ransomware operation to the REvil ransomware operations. Researchers at...
Microsoft Office 365 Message Encryption (OME) doesn’t ensure confidentiality
A bug in the message encryption mechanism used by Microsoft in Office 365 can allow to access the contents of the...
Software Patch Management Policy Best Practices
Explore the top risk-based patch management policy best practices to mitigate the growing threat of vulnerability exploits in your organization....
US-CERT Bulletin (SB22-290):Vulnerability Summary for the Week of October 10, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Law enforcement arrested 31 suspects for stealing cars by hacking key fobs
An international law enforcement operation led by Europol disrupted a cybercrime ring focused on hacking wireless key fobs to steal...
