Leaseweb is restoring ‘critical’ systems after security breach
Leaseweb, one of the world's largest cloud and hosting providers, notified people that it's working on restoring "critical" systems disabled...
News
Kroll data breach exposes info of FTX, BlockFi, Genesis creditors
Multiple reports on social media warn of a data breach at financial and risk advisory company Kroll that resulted in...
Creative QakBot Attack Tactics Challenge Security Defenses
QukBot was one of the most active malware families in Q2 of 2023, according to the latest HP Wolf Threat...
Researchers Discover Reply URL Takeover Issue in Azure
Security researchers are urging Azure Active Directory (AD) users to monitor for abandoned reply URLs after revealing a critical vulnerability...
Privacy Regulator Warns of Surge in “Text Pest” Cases
The UK’s data protection watchdog is urging victims of so-called “text pests” to come forward after revealing that nearly a...
FBI: Barracuda Appliances Still Being Exploited By China
The FBI has urged users of affected Barracuda appliances to replace them immediately, after warning that they’re still being targeted...
Lazarus Group Targets Internet Infrastructure and Healthcare with ‘QuiteRAT’ Malware
The North Korean state-sponsored actor Lazarus Group recently started a new campaign targeting internet backbone infrastructure and healthcare entities in...
US-CERT Vulnerability Summary for the Week of August 14, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infofoldingathome -- client_advanced_controlAn issue was discovered in FoldingAtHome Client Advanced Control GUI...
Two LAPSUS$ Hackers Convicted in London Court for High-Profile Tech Firm Hacks
Two U.K. teenagers have been convicted by a jury in London for being part of the notorious LAPSUS$ transnational gang...
Learn How Your Business Data Can Amplify Your AI/ML Threat Detection Capabilities
In today's digital landscape, your business data is more than just numbers—it's a powerhouse. Imagine leveraging this data not only...
Urgent FBI Warning: Barracuda Email Gateways Vulnerable Despite Recent Patches
The U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a...
Navigating Legacy Infrastructure: A CISO’s Actionable Strategy for Success
Every company has some level of tech debt. Unless you're a brand new start-up, you most likely have a patchwork...
China-Linked Flax Typhoon Cyber Espionage Targets Taiwan’s Key Sectors
A nation-state activity group originating from China has been linked to cyber attacks on dozens of organizations in Taiwan as...
Thousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity Flaw
Thousands of Openfire XMPP servers are unpatched against a recently disclosed high-severity flaw and are susceptible to a new exploit,...
Tornado Cash Founders Charged in Billion-Dollar Crypto Laundering Scandal
The U.S. Justice Department (DoJ) on Wednesday unsealed an indictment against two founders of the now-sanctioned Tornado Cash cryptocurrency mixer...
Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware
The North Korea-linked threat actor known as Lazarus Group has been observed exploiting a now-patched critical security flaw impacting Zoho...
The Hidden Dangers of Public Wi-Fi
Public Wi-Fi, which has long since become the norm, poses threats to not only individual users but also businesses. With...
New Telegram Bot “Telekopye” Powering Large-scale Phishing Scams from Russia
A new financially motivated operation is leveraging a malicious Telegram bot to help threat actors scam their victims. Dubbed Telekopye,...
WinRAR Security Flaw Exploited in Zero-Day Attacks to Target Traders
A recently patched security flaw in the popular WinRAR archiving software has been exploited as a zero-day since April 2023,...
New “Whiffy Recon” Malware Triangulates Infected Device Location via Wi-Fi Every Minute
The SmokeLoader malware is being used to deliver a new Wi-Fi scanning malware strain called Whiffy Recon on compromised Windows...
Last call for mWISE, the security conference for frontline practitioners.
We’re down to the final weeks of registration for mWISE, the highly targeted, community-focused cybersecurity conference from Mandiant, now part...
Hackers use public ManageEngine exploit to breach internet org
The North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho's ManageEngine ServiceDesk...
Exploit released for Ivanti Sentry bug abused as zero-day in attacks
Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code...
Jupiter X Core WordPress plugin could let hackers hijack sites
Two vulnerabilities affecting some version of Jupiter X Core, a premium plugin for setting up WordPress and WooCommerce websites, allow...
