Hackers exploited Salesforce zero-day in Facebook phishing attack
Hackers exploited a zero-day vulnerability in Salesforce's email services and SMTP servers to launch a sophisticated phishing campaign targeting valuable...
Russian hackers target govt orgs in Microsoft Teams phishing attacks
Microsoft says a hacking group tracked as APT29 and linked to Russia's Foreign Intelligence Service (SVR) targeted dozens of organizations...
Ivanti discloses new critical auth bypass bug in MobileIron Core
IT software company Ivanti disclosed today a new critical security vulnerability in its MobileIron Core mobile device management software. Tracked...
Fake FlipperZero sites promise free devices after completing offer
A site impersonating Flipper Devices promises a free Flipper Zero after completing an offer but only leads to shady browser...
New Collide+Power side-channel attack impacts almost all CPUs
A new software-based power side-channel attack called 'Collide+Power' was discovered, impacting almost all CPUs and potentially allowing data to leak....
Over 640 Citrix servers backdoored with web shells in ongoing attacks
Hundreds of Citrix Netscaler ADC and Gateway servers have already been breached and backdoored in a series of attacks targeting...
CISA in New Warning Over Ivanti Vulnerabilities
US and Norwegian security agencies have released a new security advisory warning that APT actors may be combining exploits for...
OT/IoT Malware Surges Tenfold in First Half of the Year
Malware-related cyber-threats in operational technology (OT) and Internet of Things (IoT) environments jumped tenfold in the first six months of...
Russian Cybersecurity Exec Wanted By Russia and US
An employee at a Russian cybersecurity vendor has found himself at the center of a geopolitical tussle between the US...
Threat Actors Use AWS SSM Agent as a Remote Access Trojan
Threat actors have been observed using Amazon Web Services (AWS) 's System Manager (SSM) agent as a Remote Access Trojan...
Cloud Firm Under Scrutiny For Suspected Support of APT Operations
The cloud firm Cloudzy has come under scrutiny for its alleged support of advanced persistent threat (APT) operations.In a new...
AI-Powered CryptoRom Scam Targets Mobile Users
CryptoRom, a notorious scam that combines fake cryptocurrency trading and romance scams, has taken a new twist by utilizing generative...
AI-Enhanced Phishing Driving Ransomware Surge
Government agencies alongside education and healthcare organizations have become prime targets for ransomware operators over the past three years.According to...
MagicDuel – 138,443 breached accounts
HIBP In August 2023, the MagicDuel Adventure website suffered a data breach that exposed 138k user records. The data included...
CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments
CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...
CISA: Ivanti Releases Security Updates for EPMM to address CVE-2023-35081
Ivanti Releases Security Updates for EPMM to address CVE-2023-35081 Ivanti has identified and released patches for a directory traversal vulnerability(link is...
CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on July 27, 2023. These...
CISA: CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse
CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse The Australian Signals Directorate’s Australian Cyber...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla Releases Security Updates for Firefox and Firefox ESR Mozilla has released security updates to address vulnerabilities for Firefox 116,...
CISA: CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities
CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities The Cybersecurity and Infrastructure...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on August 1, 2023. This...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA Releases Malware Analysis Reports on Barracuda Backdoors
CISA Releases Malware Analysis Reports on Barracuda Backdoors CISA has published three malware analysis reports on malware variants associated with...
