Mantis botnet powered the largest HTTPS DDoS attack in June
The largest HTTPS DDoS attack recently mitigated by Cloudflare was launched by the Mantis botnet. In June 2022, DDoS mitigation...
News
The new Retbleed speculative execution attack impacts both Intel and AMD chips
Researchers warn of a new vulnerability, dubbed Retbleed, that impacts multiple older AMD and Intel microprocessors. ETH Zurich researchers Johannes Wikner...
Former CIA employee Joshua Schulte was convicted of Vault 7 massive leak
Former CIA programmer, Joshua Schulte, was convicted in a US federal court of the 2017 leak of a massive leak...
Microsoft published exploit code for a macOS App sandbox escape flaw
Microsoft published the exploit code for a vulnerability in macOS that can allow an attacker to escape the sandbox. Microsoft publicly disclosed...
VMware fixed a flaw in vCenter Server discovered eight months ago
VMware addressed a high-severity privilege escalation flaw, tracked as CVE-2021-22048, in vCenter Server IWA mechanism. VMware addressed a high-severity privilege...
Worldwide 2021 Email Phishing Statistics & Examples
Explore the need for going beyond built-in Microsoft 365 and Google Workspace security based on email threats detected in 2021....
Worldwide 2021 Email Phishing Statistics & Examples
Explore the need for going beyond built-in Microsoft 365 and Google Workspace security based on email threats detected in 2021....
Qakbot operations continue to evolve to avoid detection
Experts warn that operators behind the Qakbot malware operation are improving their attack chain in an attempt to avoid detection....
Three UEFI Firmware flaws found in tens of Lenovo Notebook models
IT giant Lenovo released security fixes to address three vulnerabilities that impact the UEFI firmware shipped with over 70 product...
Insecure password leads to Mangatoon data breach
The hugely popular Manga comics platform Mangatoon has fallen victim to a data breach. No fewer than 23 million user...
PyPI starts rolling out required 2FA for important projects
The Python Package Index (PyPI) says it has begun rolling out a two-factor authentication (2FA) requirement which enforces maintainers of...
Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021
A large-scale phishing campaign used adversary-in-the-middle (AiTM) phishing sites to hit more than 10,000 organizations Microsoft observed a large-scale phishing campaign...
The President of European Central Bank Christine Lagarde targeted by hackers
Christine Lagarde, the president of the European Central Bank, was the target of a failed hacking attempt. The European Central...
US-CERT Bulletin (SB22-192):Vulnerability Summary for the Week of July 4, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Flaws in the ExpressLRS Protocol allow the takeover of drones
The protocol for radio-controlled (RC) drones, named ExpressLRS, is affected by vulnerabilities that can allow device takeover. Researchers warn of...
Students tackle tech innovation challenge set by UK cyber experts
S Innovative students from around the country put their cyber studies to the test in a unique challenge set by...
Registration opens for CYBERUK 2022
R National Cyber Security Centre’s CYBERUK 2022 event will take place across two days on 10-11 May UK government’s flagship...
NCSC supports White House call for increased cyber security precautions
N The NCSC - a part of GCHQ - has today supported President Biden’s call for increased cyber security vigilance...
Joint security guidance offered to data centre operators and users
J The National Cyber Security Centre and the Centre for the Protection of National Infrastructure issue guidance to help UK’s...
Director GCHQ on global security amid war in Ukraine
D In a speech delivered at the Australian National University, Canberra, Director GCHQ Sir Jeremy Fleming discusses the resolve of...
NCSC advises organisations to act following Russia’s attack on Ukraine
N Following Russia’s unprovoked, premeditated attack on Ukraine, the National Cyber Security Centre continues to call on organisations in the...
Expressions of Interest sought for Cyber Incident Response L2 and Cyber Incident Exercising Scheme
E The NCSC is seeking Expressions of Interest (EOI) from organisations interested in applying to become a Delivery Partner for...
UK joins international partners to issue advice on latest Russian cyber threat
U The UK has today joined international partners to share updated mitigation advice against Russian state-sponsored and criminal cyber threats....
NCSC and allies publish advisory on the most commonly exploited vulnerabilities in 2021
N UK and international allies share details of the top 15 vulnerabilities routinely exploited by malicious actors in 2021 Advisory...
