Russian hacktivists deploy new AresLoader malware via decoy installersSecurity researchers have started seeing attack campaigns that use a relatively new malware-as-a-service (MaaS) tool called AresLoader. The...
Day: March 24, 2023
Cisco fixed multiple severe vulnerabilities in its IOS and IOS XE software
Cisco fixed multiple severe vulnerabilities in its IOS and IOS XE softwareCisco addressed tens of vulnerabilities in its IOS and IOS XE software, six of these...
Experts published PoC exploit code for Veeam Backup & Replication bug
Experts published PoC exploit code for Veeam Backup & Replication bugResearchers released a PoC exploit code for a high-severity vulnerability in Veeam Backup & Replication (VBR)...
A million at risk from user data leak at Korean beauty platform PowderRoom
A million at risk from user data leak at Korean beauty platform PowderRoomSouth Korean beauty content platform, PowderRoom, has leaked the personal information of nearly one...
Pack it Secretly: Earth Preta’s Updated Stealthy Strategies
Pack it Secretly: Earth Preta’s Updated Stealthy StrategiesEarth Preta has actively been changing its tools, tactics, and procedures (TTPs) to bypass security solutions. In this blog...
Massive adversary-in-the-middle phishing campaign bypasses MFA and mimics Microsoft Office
Massive adversary-in-the-middle phishing campaign bypasses MFA and mimics Microsoft OfficeMicrosoft has already seen millions of phishing emails sent every day by attackers using this phishing kit....
New CISA tool detects hacking activity in Microsoft cloud services
New CISA tool detects hacking activity in Microsoft cloud servicesThe U.S. Cybersecurity & Infrastructure Security Agency (CISA) has released a new open-source incident response tool that helps...
City of Toronto confirms data theft, Clop claims responsibility
City of Toronto confirms data theft, Clop claims responsibilityCity of Toronto is among Clop ransomware gang's latest victims hit in the ongoing GoAnywhere hacking spree. Other victims listed...
WordPress force patching WooCommerce plugin with 500K installs
WordPress force patching WooCommerce plugin with 500K installsAutomattic, the company behind the WordPress content management system, is force installing a security update on hundreds of thousands of websites...
BlackGuard stealer now targets 57 crypto wallets, extensions
BlackGuard stealer now targets 57 crypto wallets, extensionsA new variant of the BlackGuard stealer has been spotted in the wild, featuring new capabilities like USB propagation,...
Microsoft Teams, Virtualbox, Tesla zero-days exploited at Pwn2Own
Microsoft Teams, Virtualbox, Tesla zero-days exploited at Pwn2OwnDuring the second day of Pwn2Own Vancouver 2023, competitors were awarded $475,000 after successfully exploiting 10 zero-days in multiple...
How AI is helping companies fight document fraud
How AI is helping companies fight document fraudIn an exclusive interview with David Hobbs, a fraud expert at Check Point, Conor Burke, the co-founder and CTO...
What is reverse tabnabbing and how can you stop it?
What is reverse tabnabbing and how can you stop it?EXECUTIVE SUMMARY: Reverse tabnabbing, also known simply as tabnabbing, is a form of phishing that involves deceiving...
Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability
Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service VulnerabilityA vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and...
Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability
Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service VulnerabilityA vulnerability in the HTTP-based client profiling feature of Cisco IOS XE...
Live Webinar | The Good, the Bad and the Truth About Password Managers
Live Webinar | The Good, the Bad and the Truth About Password ManagersPost ContentRead MoreDataBreachToday.com RSS Syndication
Breach Roundup: Ferrari, Indian Health Ministry and the NBA
Breach Roundup: Ferrari, Indian Health Ministry and the NBAAlso: Lionsgate, Royal Dirkzwager, New LockBit Claims and Latitude FinancialThis week's roundup of cybersecurity incidents around the world...
Lawmakers Weigh New Regulations in U.S. Cyber Strategy
Lawmakers Weigh New Regulations in U.S. Cyber StrategyDon't 'Overregulate,' GOP Subcommittee Chairwoman Tells White House OfficialMembers of a U.S. House panel got their first look at...
Cryptohack Roundup: BitPay, Euler Finance Gala Games
Cryptohack Roundup: BitPay, Euler Finance Gala GamesAlso: Fireblocks, BitGo Clash; Bitzlato Users can Withdraw Some FundsEvery week, ISMG rounds up cybersecurity incidents in the world of...
SideCopy APT Targets India’s Premier Defense Research Agency
SideCopy APT Targets India's Premier Defense Research AgencySideCopy APT Used Decoy Documents in Spear-Phishing Attack On DRDOSecurity researchers uncovered a Pakistani cyberespionage group employing fresh tactics...
Nuevas variantes de malware ShellBot DDoS dirigidas a servidores Linux mal administrados
Nuevas variantes de malware ShellBot DDoS dirigidas a servidores Linux mal administradosLos servidores Linux SSH mal administrados están siendo el objetivo de una nueva campaña que...