How Pentesting As A Service Can Reduce Overall Security Costs
If your job involves keeping applications or data secure, you know how important penetration testing can be in identifying potential...
cybersecurity
Decade Old Linux Wall Bug Helps Make Fake Sudo Prompts Steal Passwords
A vulnerability in the wall command of the util-linux package that is part of the Linux operating system could allow an unprivileged...
Retail Chain Hot Topic Hit By New Credential Stuffing Attacks
Image: Midjourney American retailer Hot Topic disclosed that two waves of credential stuffing attacks in November exposed affected customers' personal...
Cisa Tags Microsoft Sharepoint Rce Bug As Actively Exploited
CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege...
Google Fixes Chrome Zero Days Exploited At Pwn2own 2024
Google fixed seven security vulnerabilities in the Chrome web browser on Tuesday, including two zero-days exploited during the Pwn2Own Vancouver...
Google Spyware Vendors Behind 50 Percent Of Zero Days Exploited In 2023
Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day...
Inc Ransom Threatens To Leak 3tb Of Nhs Scotland Stolen Data
The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service...
Ransomware As A Service And The Strange Economics Of The Dark Web
Ransomware is changing, fast. The past three months have seen dramatic developments among the ransomware ecosystem to include the takedown...
New Darcula Phishing Service Targets Iphone Users Via Imessage
A new phishing-as-a-service (PhaaS) named ‘Darcula’ uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users...
Free Vpn Apps On Google Play Turned Android Phones Into Proxies
Over 15 free VPN apps on Google Play were found using a malicious software development kit that turned Android devices...
700 Cybercrime Software Turns Raspberry Pi Into An Evasive Fraud Tool
Cybercriminals are selling custom Raspberry Pi software called 'GEOBOX' on Telegram, which allows inexperienced hackers to convert the mini-computers into...
Finland Confirms Apt31 Hackers Behind 2021 Parliament Breach
Image: Midjourney The Finnish Police confirmed on Tuesday that the APT31 hacking group linked to the Chinese Ministry of State...
Themoon Malware Infects 6 000 Asus Routers In 72 Hours For Proxy Service
A new variant of "TheMoon" malware botnet has been spotted infecting thousands of outdated small office and home office (SOHO)...
Hackers Exploit Ray Framework Flaw To Breach Servers Hijack Resources
A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing...
Germany Warns Of 17k Vulnerable Microsoft Exchange Servers Exposed Online
The German national cybersecurity authority warned on Tuesday that it found at least 17,000 Microsoft Exchange servers in Germany exposed...
New Zenhammer Memory Attack Impacts Amd Zen Cpus
Academic researchers developed ZenHammer, the first variant of the Rowhammer DRAM attack that works on CPUs based on recent AMD Zen microarchitecture that map...
New Mfa Bypassing Phishing Kit Targets Microsoft 365 Gmail Accounts
Cybercriminals have been increasingly using a new phishing-as-a-service (PhaaS) platform named 'Tycoon 2FA' to target Microsoft 365 and Gmail accounts and...
Us Sanctions Apt31 Hackers Behind Critical Infrastructure Attacks
The U.S. Treasury Department has sanctioned a Wuhan-based company used by the Chinese Ministry of State Security (MSS) as cover in attacks...
Us Sanctions Crypto Exchanges Used By Russian Darknet Market Banks
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned three cryptocurrency exchanges for working with OFAC-designated Russian...
Hackers Poison Source Code From Largest Discord Bot Platform
The Top.gg Discord bot community with over 170,000 members has been impacted by a supply-chain attack aiming to infect developers...
Cisa Urges Software Devs To Weed Out Sql Injection Vulnerabilities
CISA and the FBI urged executives of technology manufacturing companies to prompt formal reviews of their organizations' software and implement mitigations to...
Panera Bread Experiencing Nationwide It Outage Since Saturday
Since Saturday, U.S. food chain giant Panera Bread has been experiencing a nationwide outage that has impacted its IT systems,...
Over 100 Us And Eu Orgs Targeted In Strelastealer Malware Attacks
A new large-scale StrelaStealer malware campaign has impacted over a hundred organizations across the United States and Europe, attempting to...
Mozilla Fixes Two Firefox Zero Day Bugs Exploited At Pwn2own
Mozilla has released security updates to fix two zero-day vulnerabilities in the Firefox web browser exploited during the Pwn2Own Vancouver...
