Ascension Attack Caused by Employee Downloading Malicious File
Ascension has revealed that ransomware attackers gained access to its systems after an employee accidently downloaded a malicious file.The incident,...
News
Arid Viper Hackers Spy in Egypt and Palestine Using Android Spyware
Researchers at cybersecurity provider ESET detected five cyber espionage campaigns starting in 2022, targeting Android users with trojanized apps in...
Kaspersky Finds 24 Flaws in Chinese Biometric Hardware Provider
Chinese hybrid biometric access systems provider ZkTeco is under scrutiny following a Kaspersky report revealing several new vulnerabilities in its...
Cyber Insurance Claims Hit Record High in North America
Cyber insurance claims in North America reached record levels in 2023, according to insurance broker Marsh.The firm received over 1800...
Active Exploitation of High-Severity Zero-Day Vulnerability in Google Pixel
Google has released updates addressing a high severity vulnerability (CVE-2024-32896) affecting their Pixel products. The vulnerability is reportedly being actively...
June 2024 Monthly Patch
Microsoft has released security patches to address multiple vulnerabilities in their software and products.The vulnerabilities that have been classified as...
UK and Canadian Privacy Regulators Investigate 23andMe
Genetic testing firm 23andMe is facing the combined scrutiny of the UK and Canadian data protection authorities following a major...
Phishing Attacks Targeting US and European Organizations Double
Phishing continues to be one of the most favored ways of compromising systems for hacking groups, Abnormal Security has found.In...
UK Police Arrest Two People for Smishing via Fake Cell Tower
UK police have arrested two individuals accused of sending thousands of SMS phishing (smishing) messages, posing as banks and other...
NVIDIA and Arm Urge Customers to Patch Bugs
NVIDIA and Arm have urged customers to upgrade their products after revealing a series of new vulnerabilities.Arm announced an actively...
Threat Actor Breaches Snowflake Customers, Victims Extorted
A cyber threat actor is suspected to have stolen a significant volume of customer data from data warehousing platform Snowflake,...
ChromeOS Multiple Vulnerabilities
Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service...
PHP Multiple Vulnerabilities
Multiple vulnerabilities were identified in PHP. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution...
IoT Vulnerabilities Skyrocket, Becoming Key Entry Point for Attackers
Internet of Things (IoT) devices containing vulnerabilities have surged by 136% compared to a year ago, according to Forescout’s The...
NHS Appeals For Blood and Volunteers After Cyber-Attack
The NHS is fighting on several fronts to recover from the impact of a crippling ransomware attack last week, issuing...
Threat Actor Claims to Leak 270GB of New York Times Data
An anonymous threat actor has posted what they claim to be 270GB of source code stolen from the New York...
US-CERT Vulnerability Summary for the Week of June 3, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
High-Severity Vulnerability in SolarWinds Serv-U File Servers
SolarWinds has released security updates addressing a high severity vulnerability (CVE-2024-28995) affecting their Serv-U File Server products.Successful exploitation of the...
Critical Vulnerability in Hypertext Preprocessor (PHP) Software
PHP has released security updates addressing a critical vulnerability (CVE-2024-4577) affecting installations where PHP is used in CGI mode. The...
Security Flaws Found in Popular WooCommerce Plugin
Multiple security vulnerabilities have been found in the WooCommerce Amazon Affiliates (WZone) plugin, according to Patchstack. This premium WordPress plugin, developed...
#Infosec2024: Collaboration is Key to an Effective Security Culture
Security leaders need to foster a culture where their colleagues do more than just follow the rules, according to a...
EmailGPT Exposed to Prompt Injection Attacks
A new vulnerability has been found in the EmailGPT service, a Google Chrome extension and API service that utilizes OpenAI’s...
#Infosec2024: Cyber Resilience Means Being Willing to Learn From a Crisis
Most CISOs now plan on the basis that a cyber-attack or data breach will happen, but there is still work...
#Infosec2024: Go Back to Basics With Risk Management to Tackle AI Risk
Organizations should stick to risk management basics, including well-written policies, effective training and clear accountability, if they want to ensure...