Telcom and BPO Companies Under Attack by SIM Swapping Hackers

A persistent intrusion campaign has set its eyes on telecommunications and business process outsourcing (BPO)...

Open Source Ransomware Toolkit Cryptonite Turns Into Accidental Wiper Malware

A version of an open source ransomware toolkit called Cryptonite has been observed in the wild with...

New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers

Three different security flaws have been disclosed in American Megatrends (AMI) MegaRAC Baseboard Management Controller (BMC)...

Russian Courts Targeted by New CryWiper Data Wiper Malware Posing as Ransomware

A new data wiper malware called CryWiper has been found targeting Russian government agencies, including mayor’s offices...

When Being Attractive Gets Risky – How Does Your Attack Surface Look to an Attacker?

In the era of digitization and ever-changing business needs, the production environment has become a...

SiriusXM Vulnerability Lets Hackers Remotely Unlock and Start Connected Cars

Cybersecurity researchers have discovered a security vulnerability that exposes cars from Honda, Nissan, Infiniti, and...

North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency Apps

The Lazarus Group threat actor has been observed leveraging fake cryptocurrency apps as a lure...

2 Comments

Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems

The maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability...

1 Comment

8th Annual NICE K12 Cybersecurity Education Conference

Attend the NICE K12 Cybersecurity Education Conference in St. Louis, Missouri on December 5-6, 2022...

1 Comment

Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability

Search giant Google on Friday released an out-of-band security update to fix a new actively...

1 Comment

The top 10 hacks and cyber security threats of 2022

Cyber Security Hub looks back on our biggest news stories of 2022...

1 Comment

Hackers Sign Android Malware Apps with Compromised Platform Certificates

Platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found...

CISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released an Industrial Control Systems...

The Value of Old Systems

Old technology solutions – every organization has a few of them tucked away somewhere.  It...

Researchers Disclose Supply-Chain Flaw Affecting IBM Cloud Databases for PostgreSQL

IBM has fixed a high-severity security vulnerability affecting its Cloud Databases (ICD) for PostgreSQL product...

Hackers Exploiting Redis Vulnerability to Deploy New Redigo Malware on Servers

A previously undocumented Go-based malware is targeting Redis servers with the goal of taking control...

What the CISA Reporting Rule Means for Your IT Security Protocol

The new Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) requires CISA to create rules...

Watch Out! These Android Keyboard Apps With 2 Million Installs Can be Hacked Remotely

Multiple unpatched vulnerabilities have been discovered in three Android apps that allow a smartphone to...

Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities

The threat actors behind Cuba (aka COLDDRAW) ransomware have received more than $60 million in...

1 Comment

Google Accuses Spanish Spyware Vendor of Exploiting Chrome, Firefox, & Windows Zero-Days

A Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on...

Hackers Leak Another Set of Medibank Customer Data on the Dark Web

Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump...

Spotlight: The Cybersecurity and Privacy of BYOD (Bring Your Own Device)

The threat to privacy and security is real, but what can device users and IT...

1 Comment

IOTW: Passwords secure in latest LastPass data breach

No passwords were accessed during the breach despite a hacker gaining access to LastPass’ cloud...

Researchers Disclose Critical RCE Vulnerability Affecting Quarkus Java Framework

A critical security vulnerability has been disclosed in the Quarkus Java framework that could be...

What Developers Need to Fight the Battle Against Common Vulnerabilities

Today’s threat landscape is constantly evolving, and now more than ever, organizations and businesses in...

Schoolyard Bully Trojan Apps Stole Facebook Credentials from Over 300,000 Android Users

More than 300,000 users across 71 countries have been victimized by a new Android threat...

Malware Authors ‘Accidentally’ Crash KmsdBot Cryptocurrency Mining Botnet

An ongoing analysis into an up-and-coming cryptocurrency mining botnet known as KmsdBot has led to...

1 Comment

LastPass Suffers Another Security Breach; Exposed Some Customers Information

Popular password management service LastPass said it’s investigating a second security incident that involved attackers...

North Korea Hackers Using New “Dolphin” Backdoor to Spy on South Korean Targets

The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the...

Encryption provider for Sony leaks data for over a year

Configuration and certificate files have been leaking from an ENC Security server since May 2021...

1 Comment