F5 fixes BIG-IP auth bypass allowing remote code execution attacks
A critical vulnerability in the F5 BIG-IP configuration utility, tracked as CVE-2023-46747, allows an attacker with remote access to the...
cybersecurity
The Week in Ransomware – October 27th 2023 – Breaking Records
Ransomware attacks are increasing significantly, with reports indicating that last month was a record month for ransomware attacks in 2023....
Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto
The Pwn2Own Toronto 2023 hacking competition has ended with security researchers earning $1,038,500 for 58 zero-day exploits (and multiple bug...
#ISC2Congress: Generative AI A Boon for Organizations Despite the Risks, Experts Say
Generative AI is too beneficial to abandon despite the threats it poses to organizations, according to experts speaking at the...
Cloudflare sees surge in hyper-volumetric HTTP DDoS attacks
Cloudflare says the number of hyper-volumetric HTTP DDoS (distributed denial of service) attacks recorded in the third quarter of 2023...
New iLeakage attack steals emails, passwords from Apple Safari
Academic researchers created a new speculative side-channel attack they named iLeakage that works on all recent Apple devices and can...
Nigerian Police dismantle cybercrime recruitment, mentoring hub
The Nigerian Police Form has arrested six suspects and dismantled a mentoring hub linked to cybercrime activities, including business email...
Android adware apps on Google Play amass two million installs
Several malicious Google Play Android apps installed over 2 million times push intrusive ads to users while concealing their presence...
StripedFly malware framework infects 1 million Windows, Linux hosts
A sophisticated cross-platform malware platform named StripedFly flew under the radar of cybersecurity researchers for five years, infecting over a...
Microsoft: Octo Tempest is one of the most dangerous financial hacking groups
Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities it tracks as...
France says Russian state hackers breached numerous critical networks
The Russian APT28 hacking group (aka 'Strontium' or 'Fancy Bear') has been targeting government entities, businesses, universities, research institutes, and...
VMware fixes critical code execution flaw in vCenter Server
VMware issued security updates to fix a critical vCenter Server vulnerability that can be exploited to gain remote code execution attacks...
European govt email servers hacked using Roundcube zero-day
The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day in attacks targeting European government entities and...
Ransomware isn’t going away – the problem is only getting worse
As the world moves steadily to becoming more and more digital, organizations worldwide become increasingly dependent on IT systems to...
Chilean telecom giant GTD hit by the Rorschach ransomware gang
Chile's Grupo GTD warns that a cyberattack has impacted its Infrastructure as a Service (IaaS) platform, disrupting online services. Grupo...
Samsung Galaxy S23 hacked two more times at Pwn2Own Toronto
Security researchers hacked the Samsung Galaxy S23 smartphone two more times on the second day of the Pwn2Own 2023 hacking...
Flipper Zero can now spam Android, Windows users with Bluetooth alerts
A custom Flipper Zero firmware called 'Xtreme' has added a new feature to perform Bluetooth spam attacks on Android and...
Citrix Bleed exploit lets hackers hijack NetScaler accounts
A proof-of-concept (PoC) exploit is released for the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, that allows attackers to retrieve authentication...
Seiko says ransomware attack exposed sensitive customer data
Japanese watchmaker Seiko has confirmed it suffered a Black Cat ransomware attack earlier this year, warning that the incident has...
Seiko “BlackCat” Data Breach: 60,000 Records on the Line
Seiko Group Corporation (SGC) has recently confirmed the extent of a data breach that it disclosed initially in August. The...
Cyberattack on health services provider impacts 5 Canadian hospitals
A cyberattack on shared service provider TransForm has impacted operations in five hospitals in Ontario, Canada, impacting patient care and...
September was a record month for ransomware attacks in 2023
Ransomware activity in September reached unprecedented levels following a relative lull in August that was still way above regular standards...
VMware warns admins of public exploit for vRealize RCE flaw
VMware warned customers on Monday that proof-of-concept (PoC) exploit code is now available for an authentication bypass flaw in vRealize...
Decentralized Matrix messaging network says it now has 115M users
The team behind the Matrix open standard and real-time communication protocol has announced the release of its second major version,...
