News
-
"CISA Urges Federal Agencies to Patch Exploited Qualcomm Vulnerabilities"The US cybersecurity agency CISA recently added four bugs impacting multiple Qualcomm chipsets to its Known Exploited Vulnerabilities (KEV) Catalog.
-
"AI Networks Are More Vulnerable to Malicious Attacks Than Previously Thought"North Carolina State University researchers discovered that Artificial Intelligence (AI) tools are more vulnerable than previously thought to attacks aimed at forcing AI systems to make bad decisions.
-
"ENISA Published 'ENISA Threat Landscape for DoS Attacks'"In recent years, there has been more access to cost-effective and efficient means and services for executing Denial-of-Service (DoS) attacks. Ongoing global conflicts have sparked many DoS attacks.
-
"Federal Agency Breached Through Adobe ColdFusion Vulnerability"According to the Cybersecurity and Infrastructure Security Agency (CISA), hackers compromised public-facing servers at a US federal agency in June and July by exploiting a vulnerability in a popular Adobe product.
-
"BlackCat Ransomware Criminals Threaten to Directly Extort Victim's Customers"The AlphV/BlackCat ransomware group claims to have infiltrated the systems of the accounting software vendor Tipalti and plans to "go direct" to the company's clients to extort them.
-
"GST Invoice Billing Inventory Exposes Sensitive Data to Threat Actors"The popular GST Invoice Billing Inventory (previously known as Book Keeper) app with more than 1 million downloads has left a database open, exposing sensitive personal and corporate data.
-
"Disney+ Cyber Scheme Exposes New Impersonation Attack Tactics"According to security researchers at Abnormal Security, brand impersonation in cyberattacks has reached new levels of sophistication.
-
"Cybersecurity Performance Goals: Assessing How CPGs Help Organizations Reduce Cyber Risk"The Cybersecurity and Infrastructure Security Agency (CISA) released the Cybersecurity Performance Goals (CPGs) in October 2022 to help organizations of all sizes and levels of cyber maturity gain confidence in their cybersecurity posture and reduce bu
-
"Russian Hackers Use Old Outlook Vulnerability to Target Polish Orgs"The Polish Cyber Command has warned that the Russian state-backed hacking group Forest Blizzard, also known as Fancy Bear and APT28, has been targeting public and private entities in Poland by exploiting a known Microsoft Outlook vulnerability, tracked
-
"Warning for iPhone Users: Experts Warn of Sneaky Fake Lockdown Mode Attack"Malicious actors can use a new "post-exploitation tampering technique" to trick a target into thinking their Apple iPhone is in Lockdown Mode when it is not, allowing them to perform covert attacks.
-
"WordPress Bug 'Patch' Installs Backdoor for Full Site Takeover"Attackers are targeting WordPress users with a fake security alert about a Remote Code Execution (RCE) flaw. The alert offers a "patch" that actually spreads malicious code capable of hijacking a site.
-
"US Federal Agencies Miss Deadline for Incident Response Requirements"According to the US Goverment Acountability Office (GAO), although US federal agencies have made progress in preparing for and responding to cyber threats, too many have failed to meet the deadline to implement incident response capabilities required b