Kali Linux 2023.3 released with 9 new tools, internal changes
Kali Linux 2023.3, the third version of 2023, is now available for download, with nine new tools and internal optimizations....
US charges founders of Tornado Cash mixer used by Lazarus hackers
The U.S. Justice Department charged two Tornado Cash founders with helping criminals, including the notorious North Korean Lazarus hacking group,...
Over 3,000 Openfire servers vulnerable to takover attacks
Thousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited and path traversal vulnerability that allows an unauthenticated user...
Discord starts notifying users affected by March data breach
Starting on Monday, Discord has been reaching out to users affected by a data breach disclosed earlier this year to...
New stealthy techniques let hackers gain Windows SYSTEM privileges
Security researchers have released NoFilter, a tool that abuses the Windows Filtering Platform to elevate a user's privileges to increases...
Lapsus$ teen hackers convicted of high-profile cyberattacks
A London jury has found that an 18-year-old member of the Lapsus$ data extortion gang helped hack multiple high-profile companies, stole...
Bitwarden releases free and open-source E2EE Secrets Manager
Bitwarden, the maker of the popular open-source password manager tool, has released ‘Secrets Manager,’ an end-to-end encrypted secrets manager for...
US ARPA-H Initiative Counters Healthcare Cyber-Threats
In a bid to counter cyber-attacks targeting the US healthcare system, the Advanced Research Projects Agency for Health (ARPA-H), operating...
MOVEit Exploitation Fallout Drives Record Ransomware Attacks
Ransomware attacks hit record levels in July 2023, driven by the Clop gang’s exploitation of the MOVEit vulnerability, according to...
Cyber-Attack on Australian Utility Firm Energy One Spreads to UK Systems
A cyber-attack on Australian utility company, Energy One Limited (EOL), could have international impact with the firm’s corporate systems in...
Experian Pays $650,000 to Settle Spam Claims
Experian Consumer Services has agreed to a permanent injunction and to pay a civil penalty of $650,000 to settle allegations...
Critical Insight Report: 15% Drop in Breaches, 31% Surge in Victims
Cybersecurity-as-a-Service provider Critical Insight has unveiled its 2023 H1 Healthcare Data Breach Report, offering insights into the cybersecurity landscape of...
TP-Link Smart Bulb Spills Wi-Fi Passwords
Security researchers from Italy and London have discovered several vulnerabilities in a popular brand of smart light bulbs, which could...
Scarab Ransomware Deployed Worldwide Via Spacecolon Toolset
Cybersecurity researchers from ESET have uncovered a malicious toolset named Spacecolon that has been deployed to spread variants of the...
Doubling of Identity Theft Victims With Suicidal Thoughts
Some 16% of American identity theft victims have had suicidal thoughts following their experiences, up from just 8% in 2020,...
Artificial Intelligence and USBs Drive 8% Rise in Cyber-Attacks
Check Point Research has released its 2023 Mid-Year Security Report. The research reveals a concerning 8% surge in global weekly...
WinRAR Vulnerability Affects Traders Worldwide
Cybersecurity researchers have exposed a zero-day vulnerability (CVE-2023-38831) in the popular WinRAR compression tool, which cyber-criminals have exploited to target...
XLoader MacOS Malware Variant Returns With OfficeNote Facade
The notorious XLoader malware has resurfaced, posing as a seemingly innocuous office productivity app named “OfficeNote.”Known for its malicious activities...
Duolingo – 2,676,696 breached accounts
HIBP In August 2023, 2.6M records of data scraped from Duolingo were broadly distributed on a popular hacking forum. Obtained...
US-CERT Vulnerability Summary for the Week of August 14, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infofoldingathome -- client_advanced_controlAn issue was discovered in FoldingAtHome Client Advanced Control GUI...
Evil QR – Proof-of-concept To Demonstrate Dynamic QR Swap Phishing Attacks In Practice
Toolkit demonstrating another approach of a QRLJacking attack, allowing to perform remote account takeover, through sign-in QR code phishing. It...
Meta Set to Enable Default End-to-End Encryption on Messenger by Year End
Meta has once again reaffirmed its plans to roll out support for end-to-end encryption (E2EE) by default for one-to-one friends...
North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns
The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to...
Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead
Developers are not the only people who have adopted the agile methodology for their development processes. From 2023-06-15 to 2023-07-11,...
