Google to bolster phishing and malware delivery defenses in 2024
Google will introduce new sender guidelines in February to bolster email security against phishing and malware delivery by mandating bulk...
Android Multiple Vulnerabilities
Multiple vulnerabilities were identified in Android. A remote attacker could exploit some of these vulnerabilities to trigger denial of service...
CyberEPQ Course Triples Student Intake for the Coming Year
The Chartered Institute of Information Security (CIISec) has said it hopes to enrol at least 400 students on its CyberEPQ...
Upstream Supply Chain Attacks Triple in a Year
Security experts have warned of surging cyber risk in open source ecosystems, having detected three times more malicious packages in...
Half of Cybersecurity Professionals Report Increase in Cyber-Attacks
Over half (52%) of cybersecurity professionals are experiencing an increase in cyber-attacks compared to a year ago, according to new...
Fifth of Brits Suspect They’ve Been Monitored by Employers
Nearly one in five (19%) adults polled in a new survey from the UK’s privacy regulator think they’ve been monitored...
NSA Establishes AI Security Center
The National Security Agency (NSA) has unveiled the AI Security Center, a new entity dedicated to overseeing the development and...
FortiGuard Uncovers Deceptive Install Scripts in npm Packages
A series of malicious packages hidden within the Node Package Manager (npm), the largest software registry for JavaScript, has been...
Predator Spyware Linked to Madagascar’s Government Ahead of Presidential Election
The Madagascar government likely used the Cytrox-developed Predator spyware to conduct political domestic surveillance ahead of the country’s presidential election,...
EU Cyber Resilience Act Could be Exploited for Surveillance, Experts Warn
The EU’s Cyber Resilience Act (CRA) could be misused by governments for intelligence or surveillance purposes, a group of industry...
Activision – 16,006 breached accounts
HIBP In December 2022, attackers socially engineered an Activision HR employee into disclosing information which led to the breach of...
LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages...
Silent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment Businesses
A financially motivated campaign has been targeting online payment businesses in the Asia Pacific, North America, and Latin America with...
Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation
Arm has released security patches to contain a security flaw in the Mali GPU Kernel Driver that has come under...
APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries
Introduction# In today's interconnected digital ecosystem, Application Programming Interfaces (APIs) play a pivotal role in enabling seamless communication and data...
Researcher Reveals New Techniques to Bypass Cloudflare’s Firewall and DDoS Protection
Firewall and distributed denial-of-service (DDoS) attack prevention mechanisms in Cloudflare can be circumvented by exploiting gaps in cross-tenant security controls,...
API Security Trends 2023 – Have Organizations Improved their Security Posture?
APIs, also known as application programming interfaces, serve as the backbone of modern software applications, enabling seamless communication and data...
Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch
Cybersecurity researchers have disclosed multiple critical security flaws in the TorchServe tool for serving and scaling PyTorch models that could...
Protecting your IT infrastructure with Security Configuration Assessment (SCA)
Security Configuration Assessment (SCA) is critical to an organization's cybersecurity strategy. SCA aims to discover vulnerabilities and misconfigurations that malicious...
Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation
Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have...
Over 3 Dozen Data-Stealing Malicious npm Packages Found Targeting Developers
Nearly three dozen counterfeit packages have been discovered in the npm package repository that are designed to exfiltrate sensitive data...
CISA: NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors
NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors Today, the U.S. National Security Agency (NSA), Federal...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote...
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on September 26, 2023. These...
