Russian APT28 Exploits Outlook Bug to Access Exchange
A prolific Russian state-sponsored APT group is actively exploiting a known vulnerability in Outlook to access email accounts in Exchange...
UK FCA Warns of Christmas Loan Fee Fraud Surge
The UK’s financial regulator has warned UK households struggling with the high cost of living to be on the lookout...
Police Arrest 1000 Suspected Money Mules
Global law enforcers have arrested just over 1000 individuals suspected of money laundering, and identified thousands more, in a new...
Disney+ Cyber Scheme Exposes New Impersonation Attack Tactics
Brand impersonation in cyber-attacks has reached new levels of sophistication, a recent research article by Abnormal Security has highlighted. Traditionally observed in...
SpyLoan Scams Target Android Users With Deceptive Apps
Security researchers have uncovered a surge in deceptive Android loan apps since the beginning of 2023. These applications, posing as legitimate...
LockBit Remains Top Global Ransomware Threat
The LockBit ransomware strain continues to be the primary digital extortion threat to all regions, and almost all industries globally,...
Deutsche Wohnen Ruling Set to Drive Up GDPR Fines
Legal experts have warned that a “landmark” ruling by the European Court of Justice (ECJ) could have major financial ramifications...
Trojan-Proxy Threat Expands Across macOS, Android and Windows
Security researchers have identified a new threat involving cracked applications distributed by unauthorized websites, concealing a Trojan-Proxy designed to compromise...
78% of CISOs Concerned About AppSec Manageability
A substantial 78% of CISOs have expressed concerns about the current unmanageability of application security (AppSec) attack surfaces, emphasizing the...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities within Safari, macOS Sonoma, iOS,...
CISA: CISA Removes One Known Exploited Vulnerability From Catalog
CISA Removes One Known Exploited Vulnerability From Catalog CISA is continually collaborating with partners across government and the private sector....
CISA: CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs
CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs Today, CISA, the Federal Bureau of Investigation (FBI),...
CISA: Multiple Vulnerabilities Affecting Web-Based Court Case and Document Management Systems
Multiple Vulnerabilities Affecting Web-Based Court Case and Document Management Systems CISA has assisted a researcher with coordinating the disclosure of...
CISA: CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps
CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps Today, as part of the Secure by...
CISA: CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Adds Four Known Exploited Vulnerabilities to Catalog CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on December 5, 2023. These...
CISA: CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion
CISA Releases Advisory on Threat Actors Exploiting CVE-2023-26360 Vulnerability in Adobe ColdFusion Today, CISA released a Cybersecurity Advisory (CSA), Threat...
PassBreaker – Command-line Password Cracking Tool Developed In Python
PassBreaker is a command-line password cracking tool developed in Python. It allows you to perform various password cracking techniques such...
CISA: CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps
CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps Today, as part of the Secure by...
HackerOne Bug Bounty Disclosure: b-csrf-that-makes-any-linkedin-user-follow-attacker-controlled-accounts-by-simply-clicking-https-www-linkedin-com-comm-mynetwork-discovery-see-all-b-marvelmaniac
Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'marvelmaniac'Link to Submitters Profile:https://hackerone.com/b'marvelmaniac' Report Title:b'CSRF that makes any linkedin user follow...
HackerOne Bug Bounty Disclosure: b-cve-cookie-mixed-case-psl-bypass-b-nyymi
Company Name: b'curl' Company HackerOne URL: https://hackerone.com/curl Submitted By:b'nyymi'Link to Submitters Profile:https://hackerone.com/b'nyymi' Report Title:b'CVE-2023-46218: cookie mixed case PSL bypass'Report Link:https://hackerone.com/reports/2212193Date...
HackerOne Bug Bounty Disclosure: b-csrf-that-makes-any-user-send-invitations-to-the-attacker-by-simply-clicking-on-a-link-b-marvelmaniac
Company Name: b'LinkedIn' Company HackerOne URL: https://hackerone.com/linkedin Submitted By:b'marvelmaniac'Link to Submitters Profile:https://hackerone.com/b'marvelmaniac' Report Title:b'CSRF that makes any user send invitations...
