News
-
"MSI's Leaked Firmware Keys Endanger Hundreds of Devices"Researchers have discovered leaked firmware image signing keys and Intel Boot Guard keys for MSI products. According to Alex Matrosov, CEO of the firmware supply chain security platform Binarly, the leaked firmware keys impact 57 MSI products, while the…
-
"Kimsuky Hackers Use New Recon Tool to Find Security Gaps"In a global cyber espionage campaign, the North Korean hacking group Kimsuky has been observed using a new version of its reconnaissance malware, now known as ReconShark. According to Sentinel Labs, the threat actor is now targeting government…
-
"Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit drIBAN"Since at least 2019, Italian corporate banking clients have been the target of an ongoing financial fraud campaign involving a new web-inject toolkit called drIBAN. According to Cleafy researchers, the primary objective of drIBAN fraud operations is to…
-
"Universal Data Permissions Scanner: Open-Source Tool to Overcome Data Authorization Blindspots"Satori has released Universal Data Permissions Scanner (UDPS), a free, open-source tool that allows companies to identify which employees have access to which data, thereby mitigating the risks associated with overprivileged or unauthorized users and…
-
"Dallas City Systems Taken Down by Royal Ransomware"After a cyberattack by the Royal ransomware group, city government systems in Dallas are still not entirely functional. The City of Dallas has confirmed the ransomware attack, but has assured residents that police and fire rescue services will continue…
-
"Maritime Security Lab: Bringing Better IT Security on Board"Cyberattacks against industry and critical infrastructure are increasing globally. Targets of these cyberattacks also include ships, which contribute to international supply chains by transporting billions of tons of products annually. However, ships' on…
-
"New KEKW Malware Infects Open-Source Python Wheel Files via a PyPI Distribution"Malicious open-source Python .whl (Wheel) files were distributing a new malware called KEKW, which can steal sensitive data from infected systems by combining clipper activities with infostealers to take over cryptocurrency transactions. Cyble Research…
-
"Facebook Warns of a New Information-Stealing Malware Dubbed NodeStealer"NodeStealer is a new malware that steals information and is distributed on Meta. It can steal browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook. The malware was first discovered targeting Windows browsers in…
-
"OpenAI Flaw Allows Unlimited Credit on New Accounts"OpenAI offered free credits to users interested in trying its open Artificial Intelligence (AI) projects. However, Checkmarx discovered a vulnerability that allowed users to abuse the trial and get unlimited credit on new accounts. The researchers were…
-
"Cybercrime Groups Find a New Target: Religious Institutions"Two well-known hacking groups have claimed responsibility for recent attacks on religious organizations, which is a departure from their usual focus on businesses and government agencies. The infamous LockBit ransomware group has added Relentless Church…
-
"Brightline Hack Exposes Data of Over 780,000 Child Mental Health Patients"Pediatric mental health provider Brightline has recently warned patients that it suffered a data breach on January 30, impacting 783,606 people. Brightline said the breach was related to a zero-day vulnerability in its Fortra GoAnywhere MFT secure…
-
"Cisco Warns of Critical Vulnerability in EoL Phone Adapters"Cisco recently raised the alarm on a critical remote code execution (RCE) vulnerability impacting SPA112 2-Port phone adapters, which have reached end-of-life (EoL) status. Tracked as CVE-2023-20126 (CVSS score of 9.8), the flaw impacts the web-…