Severe SLP Vulnerability Could Lead to Large DDoS Amplification Attack...
Severe SLP Vulnerability Could Lead to Large DDoS Amplification Attacks A new high-severity vulnerability was discovered, affecting Service Location Protocol (SLP). The vulnerability could allow ...
PyPI Packages Found Distributing Payloads in WhiteSnake Malware Campai...
PyPI Packages Found Distributing Payloads in WhiteSnake Malware Campaign Security researchers recently uncovered a new malware payload in the PyPI repository for Python packages. The payload...
EvilExtractor Stealer Malware Attacks Peaked in March 2023
EvilExtractor Stealer Malware Attacks Peaked in March 2023 EvilExtractor (or Evil Extractor), a data theft tool, is trending in Europe and the United States due to an uptick in attacks. EvilExtra...
APT28 Exploits Cisco Vulnerability to Deploy Malware in Espionage Camp...
APT28 Exploits Cisco Vulnerability to Deploy Malware in Espionage Campaign Russian nation-state actors are using a patched remote code execution vulnerability in Cisco network appliances to ...
Zaraza Bot: New Malware Uses Telegram for Command & Control
Zaraza Bot: New Malware Uses Telegram for Command & Control The Zaraza bot is a new type of malware that steals login information and uses Telegram as its command and control. This malware target...
Lockbit 3.0: Another Upgrade to World’s Most Active Ransomware
Lockbit 3.0: Another Upgrade to World’s Most Active Ransomware Last Update: April 17, 2023 LockBit Ransomware gang, also known as Bitwise Spider, are the cybercriminal masterminds behind the popular L...
Change of Tactic in DDoS: Attackers Now Use VPS for Improved Botnet At...
Change of Tactic in DDoS: Attackers Now Use VPS for Improved Botnet Attacks Cloudflare, a prominent internet security company, recently published a report on hyper-volumetric DDoS attacks ch...
Recapping Cyberwatch: Insights and Key Takeaways from April's Webinar
Recapping Cyberwatch: Insights and Key Takeaways from April’s Webinar In today’s digital world, cyberattacks are becoming increasingly frequent and sophisticated, posing a significant thre...
Recent Data Breaches: Hyundai, NorthOne Bank, and Kodi
Recent Data Breaches: Hyundai, NorthOne Bank, and Kodi Data breaches have become widespread in the digital age, leaving companies and individuals at risk of cyber attacks. Three high-profile companies...
Microsoft and SAP Release Security Updates to Address Critical Vulnera...
Microsoft and SAP Release Security Updates to Address Critical Vulnerabilities Microsoft has released new security updates on the Patch Tuesday April 2023, to address 97 vulnerabilities. One...
CISA Warns: Patch Apple Zero-Day Vulnerabilities Until May
CISA Warns: Patch Apple Zero-Day Vulnerabilities Until May Apple released patches on April 7 to address two zero-day vulnerabilities, CVE-2023-28205 and CVE-2023-28206. The vendor acknowledges a ...
Critical Vulnerability in vm2 JavaScript Sandbox Library: Exploit Code...
Critical Vulnerability in vm2 JavaScript Sandbox Library: Exploit Code Available [April 19, 2023] Update: Added subheading: “Patches Released for New Vulnerabilities: CVE-2023-29199 and CVE-2023-30547...
Cisco Releases Patches for Vulnerabilities in Multiple Products
Cisco Releases Patches for Vulnerabilities in Multiple Products Cisco, this week released updates to fix various security vulnerabilities in its products. These updates also cover serious issues affec...
New Rorschach Ransomware: The Fastest Encryptor
New Rorschach Ransomware: The Fastest Encryptor Researchers have discovered a new ransomware strain called Rorschach. This sophisticated and fast form of malware was used to target a co...
Hackers Exploit WinRAR SFX Archives to Install Backdoors Undetected
Hackers Exploit WinRAR SFX Archives to Install Backdoors Undetected Threat actors exploit WinRAR self-extracting (SFX) archives containing decoy files by adding malicious functionality to in...
Attackers Actively Exploit Vulnerabilities in Unpatched Products: Zimb...
Attackers Actively Exploit Vulnerabilities in Unpatched Products: Zimbra, IBM Aspera Faspex, Cacti, Realtek Threat actors are actively exploiting security vulnerabilities in Zimbra, IBM Aspera Fa...
Misconfigured Azure Active Directory (AAD) Could Lead to Unauthorized ...
Misconfigured Azure Active Directory (AAD) Could Lead to Unauthorized Access and Bing Takeover Recently, cybersecurity company Wiz discovered a misconfiguration issue in Azure Active Directory (A...
AlienFox Toolkit Targets Cloud Web Hosting Frameworks to Steal Credent...
AlienFox Toolkit Targets Cloud Web Hosting Frameworks to Steal Credentials Cybercriminals are using a new toolkit called AlienFox to steal login credentials and sensitive data from cloud-based email s...
SmoothOperator Supply Chain Attack Targeting 3CX VOIP Desktop Client
SmoothOperator Supply Chain Attack Targeting 3CX VOIP Desktop Client [Update] June 21, 2023: Researchers found exposed Elasticsearch and Kibana instances of a third-party vendor of 3CX. Find under the...
Top 20 Cybersecurity Newsletters
Top 20 Cybersecurity Newsletters New threat actors, vulnerabilities, fraud schemes, and other attack campaigns each day make it more challenging to stay current with the cyber world; however, staying ...