Sec Confirms X Account Was Hacked In Sim Swapping Attack
The U.S. Securities and Exchange Commission confirmed today that its X account was hacked through a SIM-swapping attack on the...
News
Ivanti Vpn Appliances Vulnerable If Pushing Configs After Mitigation
Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable...
Hackers Start Exploiting Critical Atlassian Confluence Rce Flaw
Security researchers are observing exploitation attempts for the CVE-2023-22527 remote code execution flaw vulnerability that affects outdated versions of Atlassian Confluence servers....
Malicious Web Redirect Scripts Stealth Up To Hide On Hacked Sites
Security researchers looking at more than 10,000 scripts used by the Parrot traffic direction system (TDS) noticed an evolution marked by...
Cracked Macos Apps Drain Wallets Using Scripts Fetched From Dns Records
Hackers are using a stealthy method to deliver to macOS users information-stealing malware through DNS records that hide malicious scripts....
Apple Issues Patch for Critical Zero-Day in iPhones, Macs – Update Now
Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw...
VMware vCenter Server Multiple Vulnerabilities
Multiple vulnerabilities were identified in VMware vCenter Server. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information...
Russian Spies Brute Force Senior Microsoft Staff Accounts
Russian state hackers managed to compromise the email accounts of some of Microsoft’s senior leadership team, using basic brute-force techniques,...
CISA Emergency Directive Demands Action on Ivanti Zero-Days
A leading US security agency has issued an emergency directive requiring all of the government’s civilian federal agencies to mitigate...
Data Privacy Week: Lack of Understanding, Underfunding Threaten Data Privacy and Compliance
A lack of understanding combined with budgetary squeezes are significant obstacles for organization's navigating data privacy and compliance with data...
LoanDepot Data Breach Hits 16.6 Customers
LoanDepot, one of the largest US-based retail mortgage lenders, has confirmed that around 16.6 million of its customers have had...
New macOS Malware Targets Cracked Apps
Security researchers have discovered a new and previously unknown macOS malware that exploits pirated software to infiltrate users’ systems.The malware, distinct...
Thai Court Blocks 9near.org to Avoid Exposure of 55M Citizens
The Criminal Court in Thailand has issued an order to block the website 9near.org after it threatened to expose the...
US-CERT Vulnerability Summary for the Week of January 15, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
North Korean Hackers Weaponize Fake Research to Deliver RokRAT Backdoor
Media organizations and high-profile experts in North Korean affairs have been at the receiving end of a new campaign orchestrated...
MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries
Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a...
NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers
Cybersecurity researchers have discovered a new Java-based "sophisticated" information stealer that uses a Discord bot to exfiltrate sensitive data from...
FTC Bans InMarket for Selling Precise User Location Without Consent
The U.S. Federal Trade Commission (FTC) is continuing to clamp down on data brokers by prohibiting InMarket Media from selling...
52% of Serious Vulnerabilities We Find are Related to Windows 10
We analyzed 2,5 million vulnerabilities we discovered in our customer's assets. This is what we found. Digging into the data...
VMware vCenter Server Multiple Vulnerabilities
Multiple vulnerabilities were identified in VMware vCenter Server. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information...
Watch Out For I Cant Believe He Is Gone Facebook Phishing Posts
A widespread Facebook phishing campaign stating, "I can't believe he is gone. I'm gonna miss him so much," leads unsuspecting...
Brave To End Strict Fingerprinting Protection As It Breaks Websites
Brave Software has announced plans to deprecate the 'Strict' fingerprinting protection mode in its privacy-focused Brave Browser because it causes...
Tietoevry Ransomware Attack Causes Outages For Swedish Firms Cities
Finnish IT services and enterprise cloud hosting provider Tietoevry has suffered a ransomware attack impacting cloud hosting customers in one...
Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks
Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ...
