AI-Powered CryptoRom Scam Targets Mobile Users
CryptoRom, a notorious scam that combines fake cryptocurrency trading and romance scams, has taken a new twist by utilizing generative...
News
US-CERT Vulnerability Summary for the Week of July 24, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infobiltay_technology -- scienta Improper Neutralization of Special Elements used in an SQL...
Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023
About 34% of security vulnerabilities impacting industrial control systems (ICSs) that were reported in the first half of 2023 have...
Researchers Uncover AWS SSM Agent Misuse as a Covert Remote Access Trojan
Cybersecurity researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows the AWS Systems Manager Agent...
Phishers Exploit Salesforce’s Email Services Zero-Day in Targeted Facebook Campaign
A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce's email services, allowing threat actors to...
Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures
A Russa-nexus adversary has been linked to 94 new domains, suggesting that the group is actively modifying its infrastructure in...
Top Industries Significantly Impacted by Illicit Telegram Networks
In recent years the rise of illicit activities conducted within online messaging platforms has become a growing concern for countless...
Iranian Company Cloudzy Accused of Aiding Cybercriminals and Nation-State Hackers
Services offered by an obscure Iranian company known as Cloudzy are being leveraged by multiple threat actors, including cybercrime groups...
How to manage a mass password reset due to a ransomware attack
Interrupted classes, disrupted planning, and postponed events – IT outages have a big impact on modern university life. But as...
CISA issues new warning on actively exploited Ivanti MobileIron bugs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of state hackers exploiting two flaws in Ivanti's Endpoint Manager...
Retail chain Hot Topic discloses wave of credential-stuffing attacks
American apparel retailer Hot Topic is notifying customers about multiple cyberattacks between February 7 and June 21 that resulted in...
Cybercriminals train AI chatbots for phishing, malware attacks
In the wake of WormGPT, a ChatGPT clone trained on malware-focused data, a new generative artificial intelligence hacking tool called...
Threat actors abuse Google AMP for evasive phishing attacks
Security researchers are warning of increased phishing activity that abuses Google Accelerated Mobile Pages (AMP) to bypass email security measures...
Hackers use new malware to breach air-gapped devices in Eastern Europe
Chinese state-sponsored hackers have been targeting industrial organizations with new malware that can steal data from air-gapped systems. Air-gapped systems...
Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability
Advanced persistent threat (APT) actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) as a zero-day...
New NodeStealer Variant Targeting Facebook Business Accounts and Crypto Wallets
Cybersecurity researchers have unearthed a Python variant of a stealer malware NodeStealer that's equipped to fully take over Facebook business...
NHS Staff Reprimanded For WhatsApp Data Sharing
An NHS trust has been reprimanded by the UK’s data protection regulator after it was discovered that staff had been...
Capita Boss to Step Down
The boss of one of Europe’s largest outsourcing companies has announced his retirement, several months after the firm suffered a...
New WikiLoader Malware Goes to Extreme Lengths to Hide
Security researchers have uncovered new loader malware under active development which uses multiple mechanisms to evade detection.Proofpoint said it detected...
Cloud Tech Debt Puts Millions of Apps at Risk, Says New Report
A new report has shed light on critical cloud risks, with a focus on the growing threat of cloud tech...
Novel Worm-Like Malware P2Pinfect Targets Redis Deployments
A new and sophisticated malware campaign named “P2Pinfect” has been observed targeting publicly-accessible deployments of the Redis data store.According to a...
Canon Inkjet Printers Expose Wi-Fi Threat
Canon has raised concerns over potential security risks linked to the disposal of inkjet printers. In a security advisory published on...
New Infostealer Uncovered in Phishing Scam Targeting Facebook Business Accounts
Unit 42 researchers have uncovered another phishing campaign designed to take over Facebook business accounts using a newly identified infostealer...
US-CERT Vulnerability Summary for the Week of July 24, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infobiltay_technology -- scienta Improper Neutralization of Special Elements used in an SQL...
