Porn Age Checks Threaten Security and Privacy, Report Warns
New legal requirements to check users’ ages before they can access pornography online could create serious security and privacy risks,...
News
Sellafield Accused of Covering Up Major Cyber Breaches
A UK facility containing the world’s largest stockpile of civil plutonium has been breached by hackers linked to Russia and...
SpyLoan Scams Target Android Users With Deceptive Apps
Security researchers have uncovered a surge in deceptive Android loan apps since the beginning of 2023. These applications, posing as legitimate...
Disney+ Cyber Scheme Exposes New Impersonation Attack Tactics
Brand impersonation in cyber-attacks has reached new levels of sophistication, a recent research article by Abnormal Security has highlighted. Traditionally observed in...
Police Arrest 1000 Suspected Money Mules
Global law enforcers have arrested just over 1000 individuals suspected of money laundering, and identified thousands more, in a new...
UK FCA Warns of Christmas Loan Fee Fraud Surge
The UK’s financial regulator has warned UK households struggling with the high cost of living to be on the lookout...
Deutsche Wohnen Ruling Set to Drive Up GDPR Fines
Legal experts have warned that a “landmark” ruling by the European Court of Justice (ECJ) could have major financial ramifications...
LockBit Remains Top Global Ransomware Threat
The LockBit ransomware strain continues to be the primary digital extortion threat to all regions, and almost all industries globally,...
78% of CISOs Concerned About AppSec Manageability
A substantial 78% of CISOs have expressed concerns about the current unmanageability of application security (AppSec) attack surfaces, emphasizing the...
Trojan-Proxy Threat Expands Across macOS, Android and Windows
Security researchers have identified a new threat involving cracked applications distributed by unauthorized websites, concealing a Trojan-Proxy designed to compromise...
US-CERT Vulnerability Summary for the Week of November 27, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoapache -- dolphinschedulerExposure of Sensitive Information to an Unauthorized Actor vulnerability in...
SpyLoan Android malware on Google Play downloaded 12 million times
More than a dozen malicious loan apps, which are generically named SpyLoan, have been downloaded more than 12 million times this...
Multiple NFT collections at risk by flaw in open-source library
A vulnerability in an open-source library that is common across the Web3 space impacts the security of pre-built smart contracts,...
Holiday Hackers: How to Safeguard Your Service Desk
Hackers really don’t take holidays, but they will take advantage of them. Consumer traffic rises sharply during the holidays. Correspondingly,...
Hackers breach US govt agencies using Adobe ColdFusion exploit
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified...
Kali Linux 2023.4 released with GNOME 45 and 15 new tools
Kali Linux 2023.4, the fourth and final version of 2023, is now available for download, with fifteen new tools and...
HTC Global Services confirms cyberattack after data leaked online
IT services and business consulting company HTC Global Services has confirmed that they suffered a cyberattack after the ALPHV ransomware...
New AeroBlade hackers target aerospace sector in the U.S.
A previously unknown cyber espionage hacking group named 'AeroBlade' was discovered targeting organizations in the United States aerospace sector. The...
Stealthier version of P2Pinfect malware targets MIPS devices
The latest variants of the P2Pinfect botnet are now focusing on infecting devices with 32-bit MIPS (Microprocessor without Interlocked Pipelined...
December Android updates fix critical zero-click RCE flaw
Google announced today that the December 2023 Android security updates tackle 85 vulnerabilities, including a critical severity zero-click remote code...
Tipalti investigates claims of data stolen in ransomware attack
Updated 12/4/23 to include information from Roblox. Tipalti says they are investigating claims that the ALPHV ransomware gang breached its network...
Fake WordPress security advisory pushes backdoor plugin
WordPress administrators are being emailed fake WordPress security advisories for a fictitious vulnerability tracked as CVE-2023-45124 to infect sites with...
Russian Developer Pleads Guilty to Trickbot Conspiracy
A Russian man has pleaded guilty to charges connected to his involvement in the infamous Trickbot malware.Vladimir Dunaev, 40, of...
US Confirms Iranian Attacks on Water Companies
The US Cybersecurity and Infrastructure Security Agency (CISA) has revealed Iran’s Islamic Revolutionary Guard Corps (IRGC) is behind a series...
