Critical Vulnerability in Apache OFBiz Requires Immediate Patching
Organizations utilizing Apache OFBiz have been warned to promptly address a critical vulnerability due to escalating exploitation attempts targeting a...
News
TikTok Withdraws Lite Rewards Program from EU Over Child Safety Fears
TikTok has agreed to permanently withdraw its ‘Lite Rewards’ program from the EU in response to EU Commission concerns about...
#BHUSA: Nation-State Attacks Target Hardware Supply Chains
A new report from HP Wolf Security has highlighted the growing danger from threat actors targeting physical device supply chains...
86% of Firms Identify Unknown Cyber-Risks as Top Concern
Eighty-six percent of respondents have identified unknown organizational cyber-risks as a top concern, according to the Critical Start 2024 Cyber Risk...
US-CERT Vulnerability Summary for the Week of July 29, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
The Loper Bright Decision: How it Impacts Cybersecurity Law
The Loper Bright decision has yielded impactful results: the Supreme Court has overturned forty years of administrative law, leading to...
Kazakh Organizations Targeted by ‘Bloody Wolf’ Cyber Attacks
Organizations in Kazakhstan are the target of a threat activity cluster dubbed Bloody Wolf that delivers a commodity malware called...
Researchers Uncover Flaws in Windows Smart App Control and SmartScreen
Cybersecurity researchers have uncovered design weaknesses in Microsoft's Windows Smart App Control and SmartScreen that could enable threat actors to...
Enhancing Incident Response Readiness with Wazuh
Incident response is a structured approach to managing and addressing security breaches or cyber-attacks. Security teams must overcome challenges such...
New Android Trojan “BlankBot” Targets Turkish Users’ Financial Data
Cybersecurity researchers have discovered a new Android banking trojan called BlankBot targeting Turkish users with an aim to steal financial...
Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access
A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute...
China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates
The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates...
DOJ and FTC Sue TikTok for Violating Children’s Privacy Laws
The U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform...
Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool
Cybersecurity researchers have disclosed details of a new distributed denial-of-service (DDoS) attack campaign targeting misconfigured Jupyter Notebooks. The activity, codenamed...
EPA Told to Address Cyber Risks to Water Systems
The US Environmental Protection Agency (EPA) urgently needs to address rising cyber risks to water and wastewater systems, a new...
NCSC Unveils Advanced Cyber Defence 2.0 to Combat Evolving Threats
The UK’s National Cyber Security Centre (NCSC) has set out plans to launch a new version of its Active Cyber...
Social Media Firms Fail to Protect Children’s Privacy, Says ICO
The UK’s Information Commissioner’s Office (ICO) has put 11 social media and video sharing platforms “on notice” for failing to...
Gaming Industry Faces 94% Surge in DDoS Attacks
The gaming industry has faced a 94% increase in layer 7 distributed denial-of-service (DDoS) attacks over the past year.According to...
APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure
A Russia-linked threat actor has been linked to a new campaign that employed a car for sale as a phishing...
APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack
A Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties...
Webinar: Discover the All-in-One Cybersecurity Solution for SMBs
In today's digital battlefield, small and medium businesses (SMBs) face the same cyber threats as large corporations, but with fewer...
New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication
Cybersecurity researchers have discovered a previously undocumented Windows backdoor that leverages a built-in feature called Background Intelligent Transfer Service (BITS)...
Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal
Enterprise Resource Planning (ERP) Software is at the heart of many enterprising supporting human resources, accounting, shipping, and manufacturing. These...
Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware
Cybersecurity companies are warning about an uptick in the abuse of Clouflare's TryCloudflare free service for malware delivery. The activity,...
