Citrix NetScaler Alert: Ransomware Hackers Exploiting Critical Vulnerability
Unpatched Citrix NetScaler systems exposed to the internet are being targeted by unknown threat actors in what's suspected to be...
News
DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates
A new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate. "The current spike in DarkGate malware activity...
Mom’s Meals discloses data breach impacting 1.2 million people
PurFoods, which conducts business in the U.S. as 'Mom's Meals,' is warning of a data breach after the personal information...
Four common password mistakes hackers love to exploit
Our brains are incredibly good at pattern completion – it’s why we see animals in the clouds and remember entire...
Microsoft will enable Exchange Extended Protection by default this fall
Microsoft announced today that Windows Extended Protection will be enabled by default on servers running Exchange Server 2019 starting this...
Spain warns of LockBit Locker ransomware phishing attacks
The National Police of Spain is warning of an ongoing 'LockBit Locker' ransomware campaign targeting architecture companies in the country...
Exploit released for Juniper firewall bugs allowing RCE attacks
Proof-of-concept exploit code has been publicly released for vulnerabilities in Juniper SRX firewalls that, when chained, can allow unauthenticated attackers...
Attacks on Citrix NetScaler systems linked to ransomware actor
A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to...
MalDoc in PDFs: Hiding malicious Word docs in PDF files
Japan's computer emergency response team (JPCERT) is sharing a new 'MalDoc in PDF' attack detected in July 2023 that bypasses...
Juniper Junos OS Multiple Vulnerabilities
Multiple vulnerabilities were identified in Juniper Junos OS. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
US-CERT Vulnerability Summary for the Week of August 21, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoqemu -- qemuThe hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model...
Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege
Cybersecurity researchers have discovered a case of privilege escalation associated with a Microsoft Entra ID (formerly Azure Active Directory) application...
KmsdBot Malware Gets an Upgrade: Now Targets IoT Devices with Enhanced Capabilities
An updated version of a botnet malware called KmsdBot is now targeting Internet of Things (IoT) devices, simultaneously branching out...
Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel
In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages...
Cyberattacks Targeting E-commerce Applications
Cyber attacks on e-commerce applications are a common trend in 2023 as e-commerce businesses become more omnichannel, they build and...
ICO calls on social media firms to protect user’s data from scraping
UK's Information Commissioner's Office (ICO), together with eleven data protection and privacy authorities from around the world, have published a...
Rhysida claims ransomware attack on Prospect Medical, threatens to sell data
The Rhysida ransomware gang has claimed responsibility for the massive cyberattack on Prospect Medical Holdings, claiming to have stolen 500,000...
US-CERT Vulnerability Summary for the Week of August 14, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infofoldingathome -- client_advanced_controlAn issue was discovered in FoldingAtHome Client Advanced Control GUI...
US-CERT Vulnerability Summary for the Week of August 14, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infofoldingathome -- client_advanced_controlAn issue was discovered in FoldingAtHome Client Advanced Control GUI...
LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants
The leak of the LockBit 3.0 ransomware builder last year has led to threat actors abusing the tool to spawn...
Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack
Risk and financial advisory solutions provider Kroll on Friday disclosed that one of its employees fell victim to a "highly...
Data breach at French govt agency exposes info of 10 million people
Pôle emploi, France's governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging...
Microsoft: Stealthy Flax Typhoon hackers use LOLBins to evade detection
Microsoft has identified a new hacking group it now tracks as Flax Typhoon that argets government agencies and education, critical manufacturing,...
ICO calls social media firms to protect people’s data from scraping
UK's Information Commissioner's Office (ICO), together with eleven data protection and privacy authorities from around the world, have published a...
