Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin
Cybersecurity researchers have unmasked the identity of one of the individuals who is believed to be associated with the e-crime...
News
Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root...
Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining
A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency...
Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics
The threat actors behind BlackCat ransomware have come up with an improved variant that prioritizes speed and stealth in an...
How Wazuh Improves IT Hygiene for Cyber Security Resilience
IT hygiene is a security best practice that ensures that digital assets in an organization's environment are secure and running...
Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites
WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that's installed on over five...
N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT
Cybersecurity researchers have offered a closer look at the RokRAT remote access trojan that's employed by the North Korean state-sponsored...
Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to...
Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root...
Toyota finds more misconfigured servers leaking customer info
Toyota Motor Corporation has discovered two additional misconfigured cloud services that leaked car owners' personal information for over seven years....
7 Stages of Application Testing: How to Automate for Continuous Security
With cyber-attacks becoming more sophisticated, organizations are becoming increasingly aware of the importance of safeguarding their web applications against security...
Dark Pink hackers continue to target govt and military organizations
The Dark Pink APT hacking group continues to be very active in 2023, observed targeting government, military, and education organizations...
Hackers exploit critical Zyxel firewall flaw in ongoing attacks
Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install...
Terminator antivirus killer is a vulnerable Windows driver in disguise
A threat actor known as Spyboy is promoting a tool called "Terminator" on a Russian-speaking hacking forum that can allegedly...
Kali Linux 2023.2 released with 13 new tools, pre-built HyperV image
Kali Linux 2023.2, the second version of 2023, is now available with a pre-built Hyper-V image and thirteen new tools,...
Stealthy SeroXen RAT malware increasingly used to target gamers
A stealthy remote access trojan (RAT) named 'SeroXen' has recently gained popularity as cybercriminals begin using it for its low...
Exploit released for RCE flaw in popular ReportLab PDF library
A researcher has published a working exploit for a remote code execution (RCE) flaw impacting ReportLab Toolkit, a popular Python...
US-CERT Vulnerability Summary for the Week of May 22, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of...
Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers
Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code...
Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities
Improperly deactivated and abandoned Salesforce Sites and Communities (aka Experience Cloud) could pose severe risks to organizations, leading to unauthorized...
Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root...
Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining
A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency...
Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices
Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to...
6 Steps to Effectively Threat Hunting: Safeguard Critical Assets and Fight Cybercrime
Finding threat actors before they find you is key to beefing up your cyber defenses. How to do that efficiently...
