Source: thehackernews.com – Author: Ravie Lakshmanan – Jun 01, 2023 – Network Security / Exploit – The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical...
Month: June 2023
Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites – Source:thehackernews.com
Source: thehackernews.com – Author: Ravie Lakshmanan – Jun 01, 2023 – Website Security / WordPress – WordPress has issued an automatic update to address a critical flaw in the Jetpack...
HMRC in New Tax Credits Scam Warning – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – The UK’s tax office has warned of a new set of scams designed to trick customers claiming tax credits into handing over...
Amazon to Pay $31m After FTC’s Security and Privacy Allegations – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Amazon will pay close to $31m to the Federal Trade Commission (FTC) to settle allegations relating to Alexa and its Ring...
Zyxel Customers Urged to Patch Exploited Bug – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – The security community is urging Zyxel networking device users to update their firewalls and VPNs after reports that hackers are actively...
Exploit released for RCE flaw in popular ReportLab PDF library – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas – A researcher has published a working exploit for a remote code execution (RCE) flaw impacting ReportLab Toolkit, a popular Python...
Amazon faces $30 million fine over Ring, Alexa privacy violations – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan – Amazon will pay $30 million in fines to settle allegations of privacy violations related to the operation of its Ring...
Kali Linux 2023.2 released with 13 new tools, pre-built HyperV image – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Lawrence Abrams – Kali Linux 2023.2, the second version of 2023, is now available with a pre-built Hyper-V image and thirteen new tools,...
Terminator antivirus killer is a vulnerable Windows driver in disguise – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan – A threat actor known as Spyboy is promoting a tool called “Terminator” on a Russian-speaking hacking forum that can allegedly...
Hackers exploit critical Zyxel firewall flaw in ongoing attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas – Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install...
Stealthy SeroXen RAT malware increasingly used to target gamers – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas – A stealthy remote access trojan (RAT) named ‘SeroXen’ has recently gained popularity as cybercriminals begin using it for its low...
Toyota finds more misconfigured servers leaking customer info – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas – Toyota Motor Corporation has discovered two additional misconfigured cloud services that leaked car owners’ personal information for over seven years....
7 Stages of Application Testing: How to Automate for Continuous Security – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sponsored by Outpost24 – With cyber-attacks becoming more sophisticated, organizations are becoming increasingly aware of the importance of safeguarding their web applications against...
Dark Pink hackers continue to target govt and military organizations – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas – The Dark Pink APT hacking group continues to be very active in 2023, observed targeting government, military, and education organizations...
BrandPost: Cybercriminals are abusing security tools—here’s how we’re stopping them – Source: www.csoonline.com
Source: www.csoonline.com – When you have comprehensive security, the future is yours to build. Learn about the strategies and solutions to secure your...
Gigabyte firmware component can be abused as a backdoor – Source: www.csoonline.com
Source: www.csoonline.com – Attackers can abuse the UEFI firmware to inject executable malware code into the Windows kernel, compromising systems. Researchers warn that the UEFI...
Inactive, unmaintained Salesforce sites vulnerable to threat actors – Source: www.csoonline.com
Source: www.csoonline.com – Research highlights the risks posed by inactive Salesforce sites that continue to pull sensitive business data and can be easily exploited by...
Trellix, Netskope announce new Amazon Security Lake support to enhance threat detection, remediation – Source: www.csoonline.com
Source: www.csoonline.com – Trellix expands XDR support for Amazon Security Lake while Netskope integrates its SSE platform with AWS’ centralized security data service. Cybersecurity vendors...
Barracuda patches zero-day vulnerability exploited since October – Source: www.csoonline.com
Source: www.csoonline.com – The vulnerability stemmed from incomplete input validation of user-supplied .tar files as it pertains to the names of the files contained within...
BrandPost: Business risk is a critical component of cloud-native application protection – Source: www.csoonline.com
Source: www.csoonline.com – Security resilience for the unpredictable to connect and protect every part of your business. Withstand the unforeseen and emerge stronger...
How CISOs can achieve more with less during uncertain economic times – Source: www.cybertalk.org
Source: www.cybertalk.org – Author: slandau – EXECUTIVE SUMMARY: At the beginning of 2023, CISOs were optimistic about the prospect of higher budgets for cyber security, anticipating continued...
RSAC Fireside Chat: Reinforcing ‘Identity and Access Management’ to expose ‘shadow access’ – Source: www.lastwatchdog.com
Source: www.lastwatchdog.com – Author: bacohido – By Byron V. Acohido – The world of Identity and Access Management (IAM) is rapidly evolving. IAM began...
New “Migraine” Flaw Enables Attackers to Bypass MacOS Security – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – A new vulnerability has been discovered in macOS that allows attackers with root access to bypass System Integrity Protection (SIP) and...
SpinOk Trojan Compromises 421 Million Android Devices – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – A new Android Trojan has been discovered by security researchers that potentially compromised 421 million devices. The Doctor Web team unveiled...
IDSA: Only 49% of Firms Invest in Identity Protection Before Incidents – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Only 49% of leadership teams proactively invest in identity protection solutions before a security incident. Just 29% take action to support...
Chrome 114 Released With 18 Security Fixes – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire – Google this week announced the release of Chrome 114 to the stable channel with a total of 18 security fixes...
Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards – Source: www.securityweek.com
Source: www.securityweek.com – Author: Eduard Kovacs – Researchers at firmware and hardware security company Eclypsium discovered that hundreds of motherboard models made by Taiwanese computer components giant...
Breaking Enterprise Silos and Improving Protection – Source: www.securityweek.com
Source: www.securityweek.com – Author: Matt Wilson – As networks become atomized, the need for specialization comes into play. Infrastructure is spread across legacy, on-premises, hybrid, multi-cloud, and...
Spyware Found in Google Play Apps With Over 420 Million Downloads – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire – Antivirus company Doctor Web has identified spyware in over 100 Android applications that had more than 421 million cumulative downloads...
Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire – An automatic update pushed to roughly five million WordPress sites over the past few days addresses a critical vulnerability introduced...