Monthly Archives: January 2024

Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software

Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting...

19
Jan
Preventing Data Loss: Backup and Recovery Strategies for Exchange Server Administrators

In the current digital landscape, data has emerged as a crucial asset for organizations, akin...

19
Jan
Npm Trojan Bypasses UAC, Installs AnyDesk with “Oscompatible” Package

A malicious package uploaded to the npm registry has been found deploying a sophisticated remote...

19
Jan
U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti...

19
Jan
New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic

Vulnerable Docker services are being targeted by a novel campaign in which the threat actors...

18
Jan
Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware

The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go...

18
Jan
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks

Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have...

18
Jan
MFA Spamming and Fatigue: When Security Measures Go Wrong

In today’s digital landscape, traditional password-only authentication systems have proven to be vulnerable to a...

18
Jan
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft

Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source...

18
Jan
Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts

High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France,...

18
Jan
NIST Secure Software Development Framework for Generative AI and for Dual Use Foundation Models Virtual Workshop
January 17, 2024

NIST is hosting a workshop on Wednesday, January 17, 2024, from 9:00 AM – 1:00...

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions

The point-of-sale (PoS) terminals from PAX Technology are impacted by a collection of high-severity vulnerabilities...

17
Jan
Combating IP Leaks into AI Applications with Free Discovery and Risk Reduction Automation

Wing Security announced today that it now offers free discovery and a paid tier for automated...

17
Jan
NIST Offers Guidance on Measuring and Improving Your Company’s Cybersecurity Program
January 17, 2024

Draft publication can help with evaluating information security efforts....

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned that...

17
Jan
Webinar: The Art of Privilege Escalation – How Hackers Become Admins

In the digital age, the battleground for security professionals is not only evolving, it’s expanding...

17
Jan
New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone

Cybersecurity researchers have identified a “lightweight method” called iShutdown for reliably identifying signs of spyware on Apple...

17
Jan
GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials

GitHub has revealed that it has rotated some keys in response to a security vulnerability...

17
Jan
Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!

Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and...

17
Jan
Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability

Google on Tuesday released updates to fix four security issues in its Chrome browser, including...

17
Jan
Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits – Act Now

Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of...

16
Jan
Remcos RAT Spreading Through Adult Games in New Attack Wave

The remote access trojan (RAT) known as Remcos RAT has been found being propagated via...

16
Jan
Child Safety on the Internet

“How do I keep my child safe on the internet?” This question is hard to...

16
Jan
Case Study: The Cookie Privacy Monster in Big Global Retail

Explore how an advanced exposure management solution saved a major retail industry client from ending...

16
Jan
Landing at the NCSC (glad I brought my towel)
January 16, 2024

Ollie Whitehouse, the NCSC’s new Chief Technology Officer, outlines the cyber security challenges he’ll be...

Inferno Malware Masqueraded as Coinbase, Drained $87 Million from 137,000 Victims

The operators behind the now-defunct Inferno Drainer created more than 16,000 unique malicious domains over a span...

16
Jan
Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer

Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy...

16
Jan
3 Ransomware Group Newcomers to Watch in 2024

The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims...

15
Jan
Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows

Cybersecurity researchers have disclosed a security flaw in the Opera web browser for Microsoft Windows...

15
Jan
High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners

Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners...

15
Jan