Ivanti Warns Of New Connect Secure Zero Day Exploited In Attacks
Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day...
News
Hackers Push Usb Malware Payloads Via News Media Hosting Sites
A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub,...
Johnson Controls Says Ransomware Attack Cost 27 Million Data Stolen
Johnson Controls International has confirmed that a September 2023 ransomware attack cost the company $27 million in expenses and led...
City Cyber Taskforce Launches to Secure Corporate Finance
Two of the UK’s leading accounting and security bodies are teaming up with others to launch a new taskforce today...
US Sanctions Egyptian IT Experts Aiding ISIS in Cybersecurity
The US government has announced sanctions against two Egyptian IT experts for providing cybersecurity support and training to the terrorist...
Citibank Sued For Failing to Protect Fraud Victims
New York’s attorney general, Letitia James, yesterday launched legal action against one of America’s biggest banks for allegedly failing to...
US Senators Propose Cybersecurity Agriculture Bill
A new bipartisan bill proposed by two US Senators looks to bolster the cybersecurity of the food and agriculture sector....
Pawn Storm’s Stealthy Net-NTLMv2 Assault Revealed
Pawn Storm, an advanced persistent threat (APT) actor also known as APT28, has been targeting high-value entities globally, employing a...
EU Launches First Cybersecurity Certification for Digital Products
The EU has adopted its first Cybersecurity Certification scheme as part of efforts to boost cybersecurity of IT products and...
Sysdig Report Exposes 91% Failure in Runtime Scans
A substantial 91% of runtime scans are failing within organizations, signaling a significant reliance on identifying issues rather than preventing...
RunC Flaws Enable Container Escapes, Granting Attackers Host Access
Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to...
Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation
Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is...
Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware
A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target...
The SEC Won’t Let CISOs Be: Understanding New SaaS Cybersecurity Rules
The SEC isn't giving SaaS a free pass. Applicable public companies, known as "registrants," are now subject to cyber incident...
Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware
Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an...
Hackers Exploiting Ivanti VPN Flaws to Deploy KrustyLoader Malware
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited...
New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw...
Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited...
Police Disrupt Grandoreiro Banking Malware Operation Make Arrests
The Federal Police of Brazil and cybersecurity researchers have disrupted the Grandoreiro banking malware operation, which has been targeting Spanish-speaking...
Vastaamo Hacker Traced Via Untraceable Monero Transactions Police Says
Julius Aleksanteri Kivimäki, the suspect believed to be behind an attack against one of Finland's largest psychotherapy clinics, Vastaamo, was...
A Mishandled Github Token Exposed Mercedes Benz Source Code
A mishandled GitHub token gave unrestricted access to Mercedes-Benz's internal GitHub Enterprise Service, exposing source code to the public. Mercedes-Benz...
Citibank Sued Over Failure To Defend Customers Against Hacks Fraud
New York Attorney General Letitia James sued Citibank over its alleged failure to defend customers against hacks and scams and...
Us Charges Two More Suspects With Draftking Account Hacks
​The U.S. Department of Justice arrested and charged two more suspects for their involvement in the hacking of almost 68,000 DraftKings accounts in...
Microsoft Teams Phishing Pushes Darkgate Malware Via Group Chats
New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims'...
