Over 400,000 corporate credentials stolen by info-stealing malware
The analysis of nearly 20 million information-stealing malware logs sold on the dark web and Telegram channels revealed that they...
cybersecurity
Super Admin elevation bug puts 900,000 MikroTik devices at risk
A critical severity 'Super Admin' privilege elevation flaw puts over 900,000 MikroTik RouterOS routers at risk, potentially enabling attackers to...
VMware fixes bug exposing CF API admin credentials in audit logs
VMware has patched an information disclosure vulnerability in VMware Tanzu Application Service for VMs (TAS for VMs) and Isolation Segment...
More US States are ramping up data privacy laws in 2023
In the US, California has traditionally dominated the privacy conversation. This is changing. Now organizations doing business in Virginia, Colorado,...
New Realst macOS malware steals your cryptocurrency wallets
A new Mac malware named "Realst" is being used in a massive campaign targeting Apple computers, with some of its...
CISA warns govt agencies to patch Ivanti bug exploited in attacks
The Cybersecurity and Infrastructure Security Agency (CISA) warned U.S. federal agencies today to secure their systems against a maximum severity...
Aussie Government Exposed Personal Info Via Security Report
The Australian home affairs department has been left red faced after accidentally leaking the personal information of participants in a government...
North Korean Cyber Group Suspected in JumpCloud Breach
A North Korean threat actor has been allegedly linked to a breach targeting JumpCloud, a zero-trust directory platform service used...
How is the Dark Web Reacting to the AI Revolution?
A quick search for “ChatGPT” on the dark web and Telegram shows 27,912 mentions in the past six months. Much...
Norwegian government IT systems hacked using zero-day flaw
The Norwegian government is warning that its ICT platform used by 12 ministries has suffered a cyberattack after hackers exploited...
Zenbleed attack leaks sensitive data from AMD Zen2 processors
Google's security researcher Tavis Ormandy discovered a new vulnerability impacting AMD Zen2 CPUs that could allow a malicious actor to...
Ivanti patches MobileIron zero-day bug exploited in attacks
US-based IT software company Ivanti has patched an actively exploited zero-day vulnerability impacting its Endpoint Manager Mobile (EPMM) mobile device management...
JumpCloud hack linked to North Korea after OPSEC mistake
A hacking unit of North Korea's Reconnaissance General Bureau (RGB) was linked to the JumpCloud breach after the attackers made...
Lazarus hackers hijack Microsoft IIS servers to spread malware
The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for...
Flipper Zero now has an app store to install third-party apps
The Flipper Zero team has launched its very own 'Flipper Apps' mobile app store, allowing mobile users to install 3rd-party...
Tampa General Hospital Data Breach Impacts 1.2 Million Patients
Tampa General Hospital (TGH) has revealed a data breach that may have affected the information of approximately 1.2 million patients.Writing...
CISA warns govt agencies to patch Adobe ColdFusion servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on...
Clop now leaks data stolen in MOVEit attacks on clearweb sites
The Clop ransomware gang is copying an ALPHV ransomware gang extortion tactic by creating Internet-accessible websites dedicated to specific victims,...
Over 15K Citrix servers vulnerable to CVE-2023-3519 RCE attacks
Thousands of Citrix Netscaler ADC and Gateway servers exposed online are vulnerable to attacks exploiting a critical remote code execution...
Weekly Cybersecurity Tip: Mastering Incident Response and Management
Welcome once again to our Weekly Cyber Security Tip! This week we explore the inescapable terrain of Incident Response and...
Stolen Microsoft key offered widespread access to Microsoft cloud services
The Microsoft consumer signing key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and...
Over 15K Citrix servers likely vulnerable to CVE-2023-3519 attacks
Thousands of Citrix Netscaler ADC and Gateway servers exposed online are likely vulnerable against a critical remote code execution (RCE)...
Netscaler ADC bug exploited to breach US critical infrastructure org
The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector...
VirusTotal apologizes for data leak affecting 5,600 customers
VirusTotal apologized on Friday for leaking the information of over 5,600 customers after an employee mistakenly uploaded a CSV file...
