Source: www.infosecurity-magazine.com – Author: 1 Attackers have been observed using the notorious Sorillus remote access trojan (RAT) and phishing attacks to exploit Google Firebase Hosting infrastructure. The...
Source: www.infosecurity-magazine.com – Author: 1 A new discussion paper has set out recommendations for the European Union (EU) on how to ensure member states are protected...
Source: www.infosecurity-magazine.com – Author: 1 A Russian security agent has been charged with smuggling ammunition and dual-use technology, including various electronics which helped the Kremlin war...
Source: heimdalsecurity.com – Author: Adelina Deaconu The ransomware operation known as BlackCat, also referred to as Alphv ransomware, has been utilized by members of the Alphv...
Source: heimdalsecurity.com – Author: Cristian Neagu In June 2023, a threat actor was linked to a cloud credential stealing campaign that targeted Microsoft Azure and Google...
Source: heimdalsecurity.com – Author: Cristian Neagu What Is the BlueKeep Vulnerability? BlueKeep is a software vulnerability that affects older versions of Microsoft Windows. Also known as...
Source: heimdalsecurity.com – Author: Cristian Neagu Vulnerabilities are common to any business. And judging by the pace at which threat actors are advancing in their technologies,...
Source: heimdalsecurity.com – Author: Mihaela Marian The concept of Just-in-Time Access has been around for decades but it is only recently that it has become popular...
Source: heimdalsecurity.com – Author: Mihaela Marian In the interconnected realm of digital technology, safeguarding cybersecurity has become an utmost priority for organizations. Traditional security approaches, such...
Source: heimdalsecurity.com – Author: Cristian Neagu A vulnerability in the Cisco SD-WAN vManage management tool enables a remote, unauthenticated attacker to obtain read or restricted write...
Source: heimdalsecurity.com – Author: Mihaela Marian Six high-severity and one low-severity vulnerability patches have been released by Zoom. These flaws, if left unattended, would allow threat...
Source: heimdalsecurity.com – Author: Adelina Deaconu Microsoft has revealed that Chinese hackers successfully accessed the email accounts of various government organizations. The breach was reportedly detected...
Source: heimdalsecurity.com – Author: Mihaela Marian Russian state-sponsored hacking group ‘APT29,’ also known as Nobelium or Cloaked Ursa, has employed innovative tactics to target diplomats in...
Source: heimdalsecurity.com – Author: Livia Gyongyoși Advanced Endpoint Protection (AEP) is an AI-powered cybersecurity toolkit that focuses on detecting and preventing unknown cyber threats from harming...
Source: www.troyhunt.com – Author: Troy Hunt Today was a bit back-to-back having just wrapped up the British Airways Magecart attack webinar with Scott. That was actually...
Source: heimdalsecurity.com – Author: Cristian Neagu What Is Vulnerability Management? Vulnerability management is an ongoing risk-based approach to discovering, prioritizing, and mitigating vulnerabilities and misconfigurations. The purpose...
Source: www.troyhunt.com – Author: Troy Hunt Each year since 2011, Microsoft has sent me a lovely email around this time: I’ve been fortunate enough to find...
Source: www.infosecurity-magazine.com – Author: 1 Security researchers from Rapid7 have found active exploitation of multiple vulnerabilities in Adobe ColdFusion, a web development computing platform. On July...
Source: www.infosecurity-magazine.com – Author: 1 The US Cybersecurity and Infrastructure Security Agency (CISA) has released a comprehensive factsheet on July 17, 2023, to assist businesses transitioning...
Source: www.infosecurity-magazine.com – Author: 1 Threat actors have extensively been using a sophisticated web-inject kit called drIBAN to orchestrate fraudulent attacks on corporate banking institutions and...
Source: www.infosecurity-magazine.com – Author: 1 Identity and access management solutions provider JumpCloud has revealed on July 12, 2023, that it was the target of a security breach...
Source: www.infosecurity-magazine.com – Author: 1 A suspected scammer who used scareware to trick hundreds of thousands of global victims into handing over money has been arrested...
Source: www.infosecurity-magazine.com – Author: 1 Security researchers have recorded over one million attempts to compromise a popular WordPress plugin over the past few days. Wordfence said...
Source: www.infosecurity-magazine.com – Author: 1 A former IT security analyst has been jailed for three years and seven months after attempting to extort his employer, according...
Source: www.infosecurity-magazine.com – Author: 1 Conor Brian Fitzpatrick, famously known as “Pompompurin,” has entered a guilty plea for hacking charges in the United States District Court...
Source: www.infosecurity-magazine.com – Author: 1 The Ukrainian government’s Computer Emergency Response Team (CERT-UA) has recently unveiled the rapid data theft methods of the APT known as...
Source: www.infosecurity-magazine.com – Author: 1 Attackers have been observed using the notorious Sorillus remote access trojan (RAT) and phishing attacks to exploit Google Firebase Hosting infrastructure. The...
Source: securityaffairs.com – Author: Pierluigi Paganini The online malware scanning service VirusTotal leaked data associated with some registered customers, German newspapers reported. German newspapers Der Spiegel and Der...
Source: securityaffairs.com – Author: Pierluigi Paganini The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. The financially motivated group...
Source: securityaffairs.com – Author: Pierluigi Paganini Threat actors are actively exploiting a critical flaw, tracked as CVE-2023-28121, in the WooCommerce Payments WordPress plugin. Threat actors are actively...
