News
-
"New PyLoose Linux Malware Mines Crypto Directly From Memory"PyLoose, a new fileless malware, has been targeting cloud workloads to use their computational resources in order to mine Monero cryptocurrency. PyLoose is a Python script with a precompiled, base64-encoded XMRig miner, an abused open source tool that…
-
"Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks"According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), two security vulnerabilities affecting Rockwell Automation ControlLogix EtherNet/IP (ENIP) communication module models could be exploited for Remote Code Execution (RCE) and…
-
"CVSS 4.0 Released, to Help Assess Real-Time Threat and Impact of Vulnerabilities"CVSS version 4.0 is the next generation of the Common Vulnerability Scoring System standard released by FIRST. In the interface between suppliers and consumers, CVSS provides a way to catch the principal characteristics of a security vulnerability and…
-
"QuickBlox API Vulnerabilities Open Video, Chat Users to Data Theft"After researching QuickBlox's Software Development Kit (SDK) and Application Programming Interface (API), Team 82 and Check Point Research discovered critical vulnerabilities that put millions of users' personal data at risk. The chat and video calling…
-
"Hackers Say Generative AI Unlikely to Replace Human Cybersecurity Skills--Bugcrowd Survey"Bugcrowd, the multi-solution crowdsourced cybersecurity platform, has published its annual "Inside the Mind of a Hacker" report for 2023. The report explores various subjects, such as the potential impact of Artificial Intelligence (AI) on security…
-
"Microsoft Mitigated an Attack by Chinese Threat Actor Storm-0558"Microsoft mitigated an attack by a threat actor with ties to China, tracked as Storm-0558, which targeted customer emails. Storm-0558 threat actors have been observed conducting cyber espionage, data theft, and credential access attacks against…
-
"Satellite Security Lags Decades Behind the State of the Art"Researchers from Ruhr University Bochum and the CISPA Helmholtz Center for Information Security have evaluated the security of satellite systems. They analyzed three current low-earth orbit satellites and discovered a need for more implementation of…
-
"Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution"Fortinet recently announced security updates that address a critical-severity vulnerability in FortiOS and FortiProxy that could be exploited for remote code execution (RCE). Tracked as CVE-2023-33308 (CVSS score of 9.8), the bug is described as a…
-
"Financial Industry Faces Soaring Ransomware Threat"According to cybersecurity provider SOCRadar, the financial industry has been facing a surge in ransomware attacks over the past few years. SOCRadar noted that this trend started in the first half of 2021 when Trend Micro saw a staggering 1318%…
-
"World's Largest Association of Computing Professionals Issues Principles for Generative AI Technologies"The Association for Computing Machinery's global Technology Policy Council (ACM TPC) has issued "Principles for the Development, Deployment, and Use of Generative AI Technologies" in response to significant advancements in generative Artificial…
-
"Only Two Percent of Organizations Feel Confident in Their Cybersecurity Strategies"According to a new report from the critical infrastructure protection specialist OPSWAT, although 75 percent of organizations have made significant efforts to upgrade their infrastructure in the past year and 78 percent have increased their security…
-
"Hackers Target Chinese-Speaking Microsoft Users With 'RedDriver' Browser Hijacker"According to cybersecurity researchers, hackers are targeting Chinese-speaking Microsoft users with a tool called RedDriver that enables them to intercept web browser traffic. The Cisco Talos team has identified multiple variants of the RedDriver tool,…