Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs
Cloudflare has revealed that it was the target of a likely nation-state attack in which the threat actor leveraged stolen...
Purplefox Malware Infects Thousands Of Computers In Ukraine
The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least...
Cisa Orders Federal Agencies To Disconnect Ivanti Vpn Appliances By Saturday
CISA has ordered U.S. federal agencies to disconnect all Ivanti Connect Secure and Policy Secure VPN appliances vulnerable to multiple...
More Android Apps Riddled With Malware Spotted On Google Play
An Android remote access trojan (RAT) known as VajraSpy was found in 12 malicious applications, six of which were available...
Ftc Orders Blackbaud To Boost Security After Massive Data Breach
Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading...
Cloudflare Hacked Using Auth Tokens Stolen In Okta Attack
Cloudflare disclosed today that its internal Atlassian server was breached by a suspected 'nation state attacker' who accessed its Confluence...
New Windows Event Log Zero Day Flaw Gets Unofficial Patches
Free unofficial patches are available for a new Windows zero-day flaw dubbed EventLogCrasher that lets attackers remotely crash the Event Log...
CISA Warns of Active Exploitation Apple iOS and macOS Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and...
Ivanti Releases Zero-Day Patches and Reveals Two New Bugs
Ivanti has finally released patches for two critical zero-day vulnerabilities, but said the update also covers two new bugs – one...
US Thwarts Volt Typhoon Cyber Espionage Campaign Through Router Disruption
Hundreds of routers have been disabled in the US in an effort to take down a cyber espionage campaign conducted...
Interpol-Led Initiative Targets 1300 Suspicious IPs
Unveiling a new operation named Synergia, law enforcement agencies from over 50 Interpol member countries have joined forces in a...
Google’s Bazel Exposed to Command Injection Threat
Security researchers have recently unearthed a supply-chain vulnerability within Bazel, one of Google’s flagship open-source products. The flaw centered around a...
Pump-and-Dump Schemes Make Crypto Fraudsters $240m
Market manipulators may have made over $240m last year by artificially inflating the value of Ethereum tokens, according to Chainalysis.The...
US Agencies Failure to Oversee Ransomware Protections Threaten White House Goals
The White House’s goal of bolstering the cyber resilience of critical infrastructure is being threatened by US federal agencies’ lack...
CISA: CISA Releases Eight Industrial Control Systems Advisories
CISA Releases Eight Industrial Control Systems Advisories CISA released eight Industrial Control Systems (ICS) advisories on January 30, 2024. These...
CISA: Guidance: Assembling a Group of Products for SBOM
Guidance: Assembling a Group of Products for SBOM Today, CISA published Guidance on Assembling a Group of Products created by the Software...
CISA: Updated: New Software Updates and Mitigations to Defend Against Exploitation of Ivanti Connect Secure and Policy Secure Gateways
Updated: New Software Updates and Mitigations to Defend Against Exploitation of Ivanti Connect Secure and Policy Secure Gateways Note: CISA...
CISA: Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series
Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series Juniper Networks released a security...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on January 25, 2024. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on February 1, 2024. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and FBI Release Secure by Design Alert Urging Manufacturers to Eliminate Defects in SOHO Routers
CISA and FBI Release Secure by Design Alert Urging Manufacturers to Eliminate Defects in SOHO Routers Today, CISA and the...
CISA: Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components
Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components Moby and the Open Container Initiative...
