Cisa Warns Of Patched Iphone Kernel Bug Now Exploited In Attacks
CISA warned today that a patched kernel security flaw affecting Apple iPhones, Macs, TVs, and watches is now being actively...
News
Exploit Released For Android Local Elevation Flaw Impacting 7 Oems
A proof-of-concept (PoC) exploit for a local privilege elevation flaw impacting at least seven Android original equipment manufacturers (OEMs) is...
Europcar Denies Data Breach Of 50 Million Users Says Data Is Fake
Car rental company Europcar says it has not suffered a data breach and that shared customer data is fake after...
Cisa Vendors Must Secure Soho Routers Against Volt Typhoon Attacks
CISA has urged manufacturers of small office/home office (SOHO) routers to ensure their devices' security against ongoing attacks attempting to hijack...
Ivanti Warns Of New Connect Secure Zero Day Exploited In Attacks
Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day...
Hackers Push Usb Malware Payloads Via News Media Hosting Sites
A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub,...
Johnson Controls Says Ransomware Attack Cost 27 Million Data Stolen
Johnson Controls International has confirmed that a September 2023 ransomware attack cost the company $27 million in expenses and led...
City Cyber Taskforce Launches to Secure Corporate Finance
Two of the UK’s leading accounting and security bodies are teaming up with others to launch a new taskforce today...
US Sanctions Egyptian IT Experts Aiding ISIS in Cybersecurity
The US government has announced sanctions against two Egyptian IT experts for providing cybersecurity support and training to the terrorist...
Citibank Sued For Failing to Protect Fraud Victims
New York’s attorney general, Letitia James, yesterday launched legal action against one of America’s biggest banks for allegedly failing to...
US Senators Propose Cybersecurity Agriculture Bill
A new bipartisan bill proposed by two US Senators looks to bolster the cybersecurity of the food and agriculture sector....
Pawn Storm’s Stealthy Net-NTLMv2 Assault Revealed
Pawn Storm, an advanced persistent threat (APT) actor also known as APT28, has been targeting high-value entities globally, employing a...
EU Launches First Cybersecurity Certification for Digital Products
The EU has adopted its first Cybersecurity Certification scheme as part of efforts to boost cybersecurity of IT products and...
Sysdig Report Exposes 91% Failure in Runtime Scans
A substantial 91% of runtime scans are failing within organizations, signaling a significant reliance on identifying issues rather than preventing...
RunC Flaws Enable Container Escapes, Granting Attackers Host Access
Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to...
Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation
Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is...
Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware
A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target...
The SEC Won’t Let CISOs Be: Understanding New SaaS Cybersecurity Rules
The SEC isn't giving SaaS a free pass. Applicable public companies, known as "registrants," are now subject to cyber incident...
Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware
Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an...
Hackers Exploiting Ivanti VPN Flaws to Deploy KrustyLoader Malware
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited...
New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw...
Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited...
Vastaamo Hacker Traced Via Untraceable Monero Transactions Police Says
Julius Aleksanteri Kivimäki, the suspect believed to be behind an attack against one of Finland's largest psychotherapy clinics, Vastaamo, was...
A Mishandled Github Token Exposed Mercedes Benz Source Code
A mishandled GitHub token gave unrestricted access to Mercedes-Benz's internal GitHub Enterprise Service, exposing source code to the public. Mercedes-Benz...
