CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on January 18, 2024. These...
OSINT
CISA: Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway
Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway Citrix released security updates to address vulnerabilities (CVE-2023-6548 and CVE-2023-6549)...
Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver...
CISA: Drupal Releases Security Advisory for Drupal Core
Drupal Releases Security Advisory for Drupal Core Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions....
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to...
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified...
MFA Spamming and Fatigue: When Security Measures Go Wrong
In today's digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To...
This Free Discovery Tool Finds and Mitigates AI-SaaS Risks
Wing Security announced today that it now offers free discovery and a paid tier for automated control over thousands of...
Ishutdown Scripts Can Help Detect Ios Spyware On Your Iphone
Security researchers found that infections with high-profile spyware Pegasus, Reign, and Predator could be discovered on compromised Apple mobile devices...
Amd Apple Qualcomm Gpus Leak Ai Data In Leftoverlocals Attacks
A new vulnerability dubbed 'LeftoverLocals' affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from...
Microsoft Iranian Hackers Target Researchers With New Mediapl Malware
Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe...
Bigpanzi Botnet Infects 170 000 Android Tv Boxes With Malware
A previously unknown cybercrime syndicate named 'Bigpanzi' has been making significant money by infecting Android TV and eCos set-top boxes...
Cisa Pushes Federal Agencies To Patch Citrix Rce Within A Week
Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days...
Wazuh Building Robust Cybersecurity Architecture With Open Source Tools
Cybersecurity architecture refers to the design and structure of an organization's approach to securing its information systems. It outlines the...
Have I Been Pwned Adds 71 Million Emails From Nazapi Stolen Account List
Have I Been Pwned has added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to...
Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts
High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and...
Critical Vulnerabilities in Siemens Products
Siemens has released security updates addressing critical vulnerabilities (CVE-2023-51438 and CVE-2023-49621) in their SIMATIC IPC and SIMATIC NC 4100 products. The...
Active Exploitation of Zero-Day Vulnerability in Google Chrome
Google has released security updates addressing a zero-day vulnerability (CVE-2024-0519) in their Chrome browser on Windows, Mac and Linux systems....
Active Exploitation of Zero-Day Vulnerability in Citrix’s Netscaler ADC and Gateway Products
Citrix has released security updates addressing a zero-day vulnerability (CVE-2023-6549) in their Netscaler ADC and Gateway products. The vulnerability is...
Active Exploitation of Critical Vulnerability in VMware’s Aria Automation
VMware has released security updates addressing a critical vulnerability (CVE-2023-34063) in VMware Aria Automation. The vulnerability has a Common Vulnerability...
Naz.API – 70,840,771 breached accounts
HIBP In September 2023, over 100GB of stealer logs and credential stuffing lists titled "Naz.API" was posted to a popular...
CISA: Cisco Releases Security Advisory for Cisco Unity Connection
Cisco Releases Security Advisory for Cisco Unity Connection Cisco released a security advisory to address a vulnerability (CVE-2024-20272) in Cisco...
CISA: CISA Releases Nine Industrial Control Systems Advisories
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on January 11, 2024. These...
CISA: Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways
Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways Ivanti has released a security update to address an...
