New Fortinet Rce Flaw In Ssl Vpn Likely Exploited In Attacks
Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks....
News
Android Xloader Malware Can Now Auto Execute After Installation
A new version of the XLoader Android malware was discovered that automatically executes on devices it infects, requiring no user...
Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways
Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices...
Linux Devs Rush to Patch Critical Vulnerability in Shim
Linux developers have addressed a new security flaw discovered in Shim, a component crucial for the boot process in Linux-based...
Raspberry Robin Evolves With Stealth Tactics, New Exploits
Raspberry Robin, a malware initially identified in 2021, has demonstrated remarkable adaptability and sophistication in its recent operations, according to...
Critical Manufacturing Vulnerabilities Surge 230% in Six Months
Threat actors are targeting operational technology (OT) and Internet of Things (IoT) environments with increasing sophistication and have a growing...
Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade
The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some...
Unified Identity – look for the meaning behind the hype!
If you've listened to software vendors in the identity space lately, you will have noticed that "unified" has quickly become...
Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore
Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse...
HijackLoader Evolves: Researchers Decode the Latest Evasion Methods
The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues...
Kimsuky’s New Golang Stealer ‘Troll’ and ‘GoBear’ Backdoor Target South Korea
The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll...
Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products
Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to...
Ransomware Payments Reached Record 11 Billion In 2023
Ransomware payments in 2023 soared above $1.1 billion for the first time, shattering previous records and reversing the decline seen...
Chinese Hackers Fail To Rebuild Botnet After Fbi Takedown
Chinese Volt Typhoon state hackers failed to revive a botnet recently taken down by the FBI, which was previously used in...
Critical Flaw In Shim Bootloader Impacts Major Linux Distros
A critical vulnerability in the Shim Linux bootloader enables attackers to execute code and take control of a target system...
How To Apply Zero Trust To Your Active Directory
In the past, many organizations chose to trust users and devices within their secure perimeters. This is no longer possible,...
Critical Cisco Bug Exposes Expressway Gateways To Csrf Attacks
Cisco has patched several vulnerabilities affecting its Expressway Series collaboration gateways, two of them rated as critical severity and exposing...
Denmark Orders Schools To Stop Sending Student Data To Google
The Danish data protection authority (Datatilsynet) has issued an injunction regarding student data being funneled to Google through the use...
Google Tests Blocking Side Loaded Android Apps With Risky Permissions
Google has launched a new pilot program to fight financial fraud by blocking the sideloading of Android APK files that...
Fortinet Warns Of New Fortisiem Rce Bugs In Confusing Disclosure
Fortinet is warning of two new unpatched patch bypasses for a critical remote code execution vulnerability in FortiSIEM, Fortinet's SIEM...
Chinese Hackers Hid In Us Infrastructure Network For 5 Years
The Chinese Volt Typhoon cyber-espionage group infiltrated a critical infrastructure network in the United States and remained undetected for at...
No 3 Million Electric Toothbrushes Were Not Used In A Ddos Attack
Update added below with Fortinet's statement confirming our reporting. A widely reported story that 3 million electric toothbrushes were hacked with...
Facebook Ads Push New Ov3r Stealer Password Stealing Malware
A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and...
Critical Boot Loader Vulnerability in Shim Impacts Nearly All Linux Distros
The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave...
