Source: www.infosecurity-magazine.com – Author: 1 The US Federal Bureau of Investigation (FBI) has issued a Private Industry Notification highlighting two concerning trends in the world of...
Day: October 2, 2023
BunnyLoader Malware Targets Browsers and Cryptocurrency – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Zscaler ThreatLabz has identified a newly emerging Malware-as-a-Service (MaaS) threat known as “BunnyLoader,” available on underground forums. The tool, priced at...
AI-Generated Phishing Emails Almost Impossible to Detect, Report Finds – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 The potential for cybercriminals to use AI chatbots to create phishing campaigns has been cause for concern and now it has...
Nearly 100,000 Industrial Control Systems Exposed to the Internet – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Thousands of organizations around the world are using industrial control systems (ICS) exposed to the public internet, new analysis from Bitsight...
Cybersecurity Awareness Month Celebrates 20 Years – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Cybersecurity Awareness Month was founded in 2004 and this year sees the initiative celebrate 20 years of raising awareness of security...
Cigna Agrees $172m Payment to Settle Fraud Allegations – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 A leading health insurer has agreed to pay over $172m to resolve charges it seriously violated the False Claims Act by...
Royal Family Website Downed by DDoS Attack – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 The official website of the UK’s royal family was taken offline by a distributed denial of service (DDoS) attack on Sunday,...
US, UK, and Democratic Nations Unite to Combat Cyber-Threats to Civil Society – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Security agencies from the US and UK last week convened a meeting off democratic nations designed to find new ways of...
WS_FTP flaw CVE-2023-40044 actively exploited in the wild – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini WS_FTP flaw CVE-2023-40044 actively exploited in the wild Experts warn of threat actors actively exploiting CVE-2023-40044 flaw in recently disclosed...
National Logistics Portal (NLP) data leak: seaports in India were left vulnerable to takeover by hackers – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini National Logistics Portal (NLP) data leak: seaports in India were left vulnerable to takeover by hackers The National Logistics Portal...
North Korea-linked Lazarus targeted a Spanish aerospace company – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini North Korea-linked Lazarus targeted a Spanish aerospace company North Korea-linked APT group Lazarus impersonated Meta’s recruiters in an attack against...
Ransomware attack on Johnson Controls may have exposed sensitive DHS data – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Ransomware attack on Johnson Controls may have exposed sensitive DHS data Experts warn that the recent attack on building automation...
LUCR-3: Scattered Spider Getting SaaS-y in the Cloud – Source:thehackernews.com
Source: thehackernews.com – Author: . LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the...
APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries – Source:thehackernews.com
Source: thehackernews.com – Author: . Introduction In today’s interconnected digital ecosystem, Application Programming Interfaces (APIs) play a pivotal role in enabling seamless communication and data exchange...
Silent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment Businesses – Source:thehackernews.com
Source: thehackernews.com – Author: . Oct 02, 2023THNWebb Security / Payment Security A financially motivated campaign has been targeting online payment businesses in the Asia Pacific,...
Don’t Let Zombie Zoom Links Drag You Down – Source: krebsonsecurity.com
Source: krebsonsecurity.com – Author: BrianKrebs Many organizations — including quite a few Fortune 500 firms — have exposed web links that allow anyone to initiate a...
Security researchers believe mass exploitation attempts against WS_FTP have begun – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Security researchers have spotted what they believe to be a “possible mass exploitation” of vulnerabilities in Progress Software’s WS_FTP Server....
AWS stirs the MadPot – busting bot baddies and eastern espionage – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Interview AWS has unveiled MadPot, its previously secret threat-intelligence tool that one of the cloud giant’s security execs tells us...
Yes, Singapore immigration plans to scan your face instead of your passport – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Last week the internet was abuzz with talk that Singapore’s commercial Changi airport was no longer going to require passports...
10 Best Tenable Alternatives & Competitors in 2023 [Features, Pricing & Reviews] – Source: heimdalsecurity.com
Source: heimdalsecurity.com – Author: Adelina Deaconu If you’re in the market for robust security solutions, chances are you’ve heard about Tenable. Their products are renowned for...
Logic Flaws Let Attackers Bypass Cloudflare’s Firewall and DDoS Protection – Source: heimdalsecurity.com
Source: heimdalsecurity.com – Author: Andreea Chebac The effectiveness of Cloudflare’s Firewall and DDoS prevention has been proven to be compromised by an attack technique that takes...
Iran-Linked APT34 Spy Campaign Targets Saudis – Source: www.darkreading.com
Source: www.darkreading.com – Author: Dark Reading Staff, Dark Reading A phishing campaign which drops cyber espionage malware is taking aim at users in the Middle East....
Which DFIR Challenges Does the Middle East Face? – Source: www.darkreading.com
Source: www.darkreading.com – Author: Nick Rago, Tech Journalist With a constantly changing digital landscape, enterprises are finding it harder to keep threats at bay. There isn’t...
Making Sense of Today’s Payment Cybersecurity Landscape – Source: www.darkreading.com
Source: www.darkreading.com – Author: Norman Comstock, Managing Director, UHY Consulting The surge in cybercrime activity since the outbreak of the COVID-19 pandemic has been tough to...
The Silent Threat of APIs: What the New Data Reveals About Unknown Risk – Source: www.darkreading.com
Source: www.darkreading.com – Author: 1 The rapidly evolving digital landscape has given organizations a wealth of capabilities, largely due to the proliferation of cloud applications. Yet,...
NSA AI Security Center – Source: www.schneier.com
Source: www.schneier.com – Author: Bruce Schneier NSA AI Security Center The NSA is starting a new artificial intelligence security center: The AI security center’s establishment follows...
Amazon sends Mastercard, Google Play gift card order emails by mistake – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Lawrence Abrams 10/1/23 update adds Amazon statement below. Amazon mistakenly sent out purchase confirmation emails for Hotels.com, Google Play, and Mastercard gift...
Bugs Found in Another Progress Software File Transfer App – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Author: 1 Governance & Risk Management , Patch Management Expert Warns of Maximum-Severity Flaw ‘You Need to Patch Right Now!’ Prajeet Nair (@prajeetspeaks)...
OpenRefine’s Zip Slip Vulnerability Could Let Attackers Execute Malicious Code – Source:thehackernews.com
Source: thehackernews.com – Author: . Oct 02, 2023THNVulnerability / Cyber Attack A high-severity security flaw has been disclosed in the open-source OpenRefine data cleanup and transformation...
BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime Underground – Source:thehackernews.com
Source: thehackernews.com – Author: . Oct 02, 2023THNCyber Threat / Malware Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that’s being advertised for...