U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty
The U.S. government on Tuesday announced the takedown of the IPStorm botnet proxy network and its infrastructure, as the Russian...
News
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code...
The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy
In 2023, the global average cost of a data breach reached $4.45 million. Beyond the immediate financial loss, there are...
Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been...
CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks
The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes...
Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer...
How to Automate the Hardest Parts of Employee Offboarding
According to recent research on employee offboarding, 70% of IT professionals say they've experienced the negative effects of incomplete IT...
Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks
A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be...
The OWASP Top 10: What They Are and How to Test Them
Web applications often handle vast amounts of data, from personal user details to sensitive corporate information. As these applications grow...
PJ&A says cyberattack exposed data of nearly 9 million patients
PJ&A (Perry Johnson & Associates) is warning that a cyberattack in March 2023 exposed the personal information of almost nine...
Fraudsters make $50,000 a day by spoofing crypto researchers
Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an...
Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw
Citrix has released hotfixes for two vulnerabilities impacting Citrix Hypervisor, one of them being the "Reptar" high-severity flaw that affects...
Ransomware gang files SEC complaint over victim’s undisclosed breach
The ALPHV/BlackCat ransomware operation has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint...
Toronto Public Library confirms data stolen in ransomware attack
The Toronto Public Library (TPL) confirmed that the personal information of employees, customers, volunteers, and donors was stolen from a compromised...
FBI and CISA warn of opportunistic Rhysida ransomware attacks
The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors. Rhysida, a...
Samsung hit by new data breach impacting UK store customers
Samsung Electronics is notifying some of its customers of a data breach that exposed their personal information to an unauthorized...
US Dismantles IPStorm Botnet Proxy Service
The US authorities have shut down a major botnet comprising tens of thousands of infected endpoints, which cyber-criminals hired to...
BlackCat Ransomware Gang Targets Businesses Via Google Ads
The notorious ALPHV/BlackCat ransomware has been observed using Google Ads to distribute malware. The gang, responsible for the $100m MGM Resorts...
US Government Unveils First AI Roadmap For Cybersecurity
The US Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its inaugural roadmap for artificial...
UK Privacy Regulator Issues Black Friday Smart Device Warning
The Information Commissioner’s Office (ICO) has urged shoppers to investigate the privacy and security credentials of any smart technologies they’re...
Microsoft Fixes Five Zero-Day Vulnerabilities
Microsoft has released fixes for five zero-day vulnerabilities in its monthly update round, three of which are being actively exploited...
US-CERT Vulnerability Summary for the Week of October 30, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocontec -- solarview_compact_firmwareAn issue in Contec SolarView Compact v.6.0 and before allows...
Citrix Hypervisor Security Bulletin for CVE-2023-23583 and CVE-2023-46835
Description of Problem An issue has been discovered that affects Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged...
LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed
The Lockbit ransomware attacks use publicly available exploits for the Citrix Bleed vulnerability (CVE-2023-4966) to breach the systems of large...
