CISA: CISA, NSA, FBI, and MS-ISAC Release Update to #StopRansomware Guide
CISA, NSA, FBI, and MS-ISAC Release Update to #StopRansomware Guide Today, the Cybersecurity and Infrastructure Security Agency (CISA), the National...
CISA: Oracle Releases October 2023 Critical Patch Update Advisory
Oracle Releases October 2023 Critical Patch Update Advisory Oracle has released its Critical Patch Update Advisory for October 2023 to...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on October 19, 2023. This...
CISA: CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities
CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198...
CISA: CISA Releases Fact Sheet on Effort to Revise the National Cyber Incident Response Plan (NCIRP)
CISA Releases Fact Sheet on Effort to Revise the National Cyber Incident Response Plan (NCIRP) Today, the Cybersecurity and Infrastructure...
CISA: Mozilla Releases Security Advisories for Multiple Products
Mozilla Releases Security Advisories for Multiple Products Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on October 24, 2023. This...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
Ransomware isn’t going away – the problem is only getting worse
As the world moves steadily to becoming more and more digital, organizations worldwide become increasingly dependent on IT systems to...
European govt email servers hacked using Roundcube zero-day
The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day in attacks targeting European government entities and...
VMware fixes critical code execution flaw in vCenter Server
VMware issued security updates to fix a critical vCenter Server vulnerability that can be exploited to gain remote code execution attacks...
Seiko says ransomware attack exposed sensitive customer data
Japanese watchmaker Seiko has confirmed it suffered a Black Cat ransomware attack earlier this year, warning that the incident has...
Citrix Bleed exploit lets hackers hijack NetScaler accounts
A proof-of-concept (PoC) exploit is released for the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, that allows attackers to retrieve authentication...
Flipper Zero can now spam Android, Windows users with Bluetooth alerts
A custom Flipper Zero firmware called 'Xtreme' has added a new feature to perform Bluetooth spam attacks on Android and...
Samsung Galaxy S23 hacked two more times at Pwn2Own Toronto
Security researchers hacked the Samsung Galaxy S23 smartphone two more times on the second day of the Pwn2Own 2023 hacking...
Chilean telecom giant GTD hit by the Rorschach ransomware gang
Chile's Grupo GTD warns that a cyberattack has impacted its Infrastructure as a Service (IaaS) platform, disrupting online services. Grupo...
AI to Create Demand for Digital Trust Professionals, ISACA Survey Finds
Artificial intelligence (AI) adoption has skyrocketed in 2023 and some fear that this will make some jobs obsolete, but ISACA...
Small Businesses Suffer Record Number of Cyber-Attacks
Nearly three-quarters (73%) of US small business owners reported a cyber-attack last year, with employee and customer data most likely...
Winter Vivern: Zero-Day XSS Exploit Targets Roundcube Servers
ESET Research has discovered a significant cybersecurity threat as the Winter Vivern group exploited a zero-day cross-site scripting (XSS) vulnerability...
Purchase Scams Surge as Fraud Losses Hit £580m
Authorised push payment (APP) fraud continues to be a major headache for the UK banking industry and its customers, contributing...
Seiko “BlackCat” Data Breach: 60,000 Records on the Line
Seiko Group Corporation (SGC) has recently confirmed the extent of a data breach that it disclosed initially in August. The...
AWS: Security Not a Priority For a Third of SMBs
Cybersecurity is not a strategic priority for 35% of SMBs considering cloud migration, Amazon Web Services (AWS) has revealed.The cloud...
US-CERT Vulnerability Summary for the Week of October 16, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info1e -- platformAffected 1E Platform versions have a Blind SQL Injection vulnerability...
