#DEFCON: Electrovolt Exploits Against Electron Desktop Apps ExposedElectron-based desktop application including Discord, Microsoft Teams and VScode were at risk from a series of vulnerabilitiesLeer másElectron-based desktop...
Day: August 18, 2022
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Security News Info Security Magazine
New Attack Weaponizes PLCs to Hack Enterprise and OT Networks
New Attack Weaponizes PLCs to Hack Enterprise and OT NetworksThe research resulted in proof-of-concept exploits against seven market-leading automation firmsLeer másThe research resulted in proof-of-concept exploits...
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad Cyber Security News Info Security Magazine
Healthcare Provider Issues Warning After Tracking Pixels Leak Patient Data
Healthcare Provider Issues Warning After Tracking Pixels Leak Patient DataThe leak was caused by incorrect configurations of an online tracking tool from MetaLeer másThe leak was...
Two Additional Malicious Python Libraries Found on PyPI Repository
Two Additional Malicious Python Libraries Found on PyPI RepositoryThe new packages were masquerading as one of the most popular open-source packages on PyPILeer másThe new packages...
Bug Bounty Giant Slams Quality of Vendor Patching
Bug Bounty Giant Slams Quality of Vendor PatchingZero Day Initiative says incomplete or faulty patches now commonplaceLeer másZero Day Initiative says incomplete or faulty patches now...
USBs Still a Major OT Infection Vector
USBs Still a Major OT Infection VectorManufacturing was most exposed to OT threats in 2021Leer másManufacturing was most exposed to OT threats in 2021
0 - CT 0 - CT - SOC - CSIRT Operations - SOAR Automation & Playbooks Cyber Security News Info Security Magazine
Identity Scams Soar to Make 2021 a Record Year
Identity Scams Soar to Make 2021 a Record YearNon-profit says Google Voice scams were the most reported threatLeer másNon-profit says Google Voice scams were the most...
Russia-linked Gamaredon APT continues to target Ukraine
Russia-linked Gamaredon APT continues to target UkraineRussia-linked Gamaredon APT group targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad. Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0 - CT - SOC - CSIRT Operations - Malware & Ransomware Cyber Security News The Register
Ransomware attack on UK water company clouded by confusion
Ransomware attack on UK water company clouded by confusionClop gang thought it hit Thames Water – but real victim was elsewhere A water company in the...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Security News Info Security Magazine
Organizations Struggle to Fend Off Cloud and Web Attacks
Organizations Struggle to Fend Off Cloud and Web AttacksThe study queries more than 950 IT and security professionals across the Americas, EMEA and APACLeer másThe study...
Russia-linked Gamaredon APT continues to target Ukraine
Russia-linked Gamaredon APT continues to target UkraineRussia-linked Gamaredon APT group targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad. Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive...
RubyGems Mandates MFA for Top-100 Package Maintainers
RubyGems Mandates MFA for Top-100 Package MaintainersThe package manager started enforcing MFA on owners of gems with over 180 million total downloadsLeer másThe package manager started...
New Deep Instinct partner program targets MSSPs fighting ransomware
New Deep Instinct partner program targets MSSPs fighting ransomwareCybersecurity firm Deep Instinct has rolled out a new partner program to provide its endpoint and application protection...
How a spoofed email passed the SPF check and landed in my inbox
How a spoofed email passed the SPF check and landed in my inboxThe Sender Policy Framework can’t help prevent spam and phishing if you allow billions...
APT Lazarus Targets Engineers with macOS Malware
APT Lazarus Targets Engineers with macOS MalwareThe North Korean APT is using a fake job posting for Coinbase in a cyberespionage campaign targeting users of both...
Clop gang targeted UK drinking water supplier South Staffordshire Water
Clop gang targeted UK drinking water supplier South Staffordshire WaterA cyber attack disrupted the IT operations of South Staffordshire Water, a company supplying drinking water to...
Zoom fixed two flaws in macOS App that were disclosed at DEF CON
Zoom fixed two flaws in macOS App that were disclosed at DEF CONZoom addressed two high-severity vulnerabilities in its macOS app that were disclosed at the...
Clop gang targeted UK drinking water supplier South Staffordshire Water
Clop gang targeted UK drinking water supplier South Staffordshire WaterA cyber attack disrupted the IT operations of South Staffordshire Water, a company supplying drinking water to...
Suspected Russian Money Launderer Extradited to US
Suspected Russian Money Launderer Extradited to USMan allegedly handled over $400,000 in Ryuk proceedsLeer másMan allegedly handled over $400,000 in Ryuk proceeds
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad Cyber Security News SecurityAffairs
ÆPIC Leak is the first CPU flaw able to architecturally disclose sensitive data
ÆPIC Leak is the first CPU flaw able to architecturally disclose sensitive dataResearchers uncovered a new flaw, dubbed ÆPIC, in Intel CPUs that enables attackers to obtain encryption...
DEF CON – “don’t worry, the elections are safe” edition
DEF CON – “don’t worry, the elections are safe” editionDon't worry, elections are safe. Our Security Researcher Cameron Camp provide us highlights from the DEF CON...
North Korea-linked APT targets Job Seekers with macOS malware
North Korea-linked APT targets Job Seekers with macOS malwareThe North Korea-linked Lazarus Group has been observed targeting job seekers with macOS malware working also on Intel...
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad Cyber Security News SecurityAffairs
ÆPIC Leak is the first CPU flaw able to architecturally disclose sensitive data
ÆPIC Leak is the first CPU flaw able to architecturally disclose sensitive dataResearchers uncovered a new flaw, dubbed ÆPIC, in Intel CPUs that enables attackers to obtain encryption...
Researchers Find 35 Adware Apps on Google Play
Researchers Find 35 Adware Apps on Google PlayApps have millions of downloads, says BitdefenderLeer másApps have millions of downloads, says Bitdefender
Google fixed a new Chrome Zero-Day actively exploited in the wild
Google fixed a new Chrome Zero-Day actively exploited in the wildGoogle addressed a dozen vulnerabilities in the Chrome browser, including the fifth Chrome zero-day flaw exploited...
Google fixed a new Chrome Zero-Day actively exploited in the wild
Google fixed a new Chrome Zero-Day actively exploited in the wildGoogle addressed a dozen vulnerabilities in the Chrome browser, including the fifth Chrome zero-day flaw exploited...
Bugdrop dropper includes features to circumvent Google’s security Controls
Bugdrop dropper includes features to circumvent Google’s security ControlsResearchers have discovered a previously undocumented Android dropper, dubbed BugDrop, that’s still under development. Recently, researchers from ThreatFabric...
Bugdrop dropper includes features to circumvent Google’s security Controls
Bugdrop dropper includes features to circumvent Google’s security ControlsResearchers have discovered a previously undocumented Android dropper, dubbed BugDrop, that’s still under development. Recently, researchers from ThreatFabric...
China-linked RedAlpha behind multi-year credential theft campaign
China-linked RedAlpha behind multi-year credential theft campaignA China-linked APT group named RedAlpha is behind a long-running mass credential theft campaign aimed at organizations worldwide. Recorded Future researchers attributed...
China-linked RedAlpha behind multi-year credential theft campaign
China-linked RedAlpha behind multi-year credential theft campaignA China-linked APT group named RedAlpha is behind a long-running mass credential theft campaign aimed at organizations worldwide. Recorded Future researchers attributed...