News
-
"Google Audit Finds Vulnerabilities in Intel TDX"Google recently published the results of a nine-month audit of Intel Trust Domain Extensions (TDX), which resulted in the discovery of ten security defects. Providing hardware isolated virtual machines, TDX has been added to some Intel Xeon…
-
"Data Security Breach May Have Left Jewel-Osco Employees' Information Exposed"Thousands of Jewel-Osco employees might have had their personal information exposed in a data breach. In a letter sent to employees by Jewel-Osco parent company Albertsons last week, the letter said hackers were able to infiltrate Albertsons…
-
"Yellow Pages Canada Hit by Cyberattack, Black Basta Claims Credit"Yellow Pages Canada has recently discovered that it has been the victim of a cyberattack. The company stated that a data breach affected some employee and business customer data, though the company did not specify what type of data in particular.…
-
"Researchers Find 250 Million Artifacts Exposed in Misconfigured Registries"Security researchers at Aqua Nautilus have recently discovered thousands of misconfigured artifact repositories and container image registries, exposing organizations to potentially serious software supply chain attacks. The researchers found that…
-
"Hackers to Show They Can Take Over a European Space Agency Satellite"Cybersecurity researchers will reveal how they took control of a European Space Agency (ESA) satellite in what is considered the world's first ethical satellite hacking exercise. Experts from the French defense giant Thales, together with members of the…
-
"New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks"A high-severity security vulnerability is impacting Service Location Protocol (SLP). The vulnerability could be exploited to launch volumetric Denial-of-Service attacks against targets. Bitsight and Curesec researchers stated that attackers exploiting…
-
"Intel CPUs Vulnerable to New Transient Execution Side-Channel Attack"Researchers have discovered a new side-channel attack impacting multiple generations of Intel CPUs. It allows data leakage via the EFLAGS register. Researchers from Tsinghua University, the University of Maryland, and a computer lab operated by the…
-
"Attackers Are Logging in Instead of Breaking In"According to Sophos, cyberattackers used more than 500 unique tools and tactics in 2022. The analysis of data from over 150 Sophos Incident Response (IR) cases revealed over 500 unique tools and techniques, including 118 Living off the Land binaries (…
-
"Tangled Up: 'Tomiris' APT Uses Turla Malware, Confusing Researchers"Certain campaigns previously attributed to the Russian Advanced Persistent Threat (APT) group Turla were carried out by what appears to be a different group that researchers have dubbed "Tomiris." Turla, also known as Snake, Venomous Bear, and Ourobouros…
-
"Critical Flaw in Inea ICS Product Exposes Industrial Organizations to Remote Attacks"A critical vulnerability in a remote terminal unit (RTU) made by Slovenia-based industrial automation company Inea can expose industrial organizations to remote hacker attacks. The vulnerability came to light after the Cybersecurity and…
-
"US Navy Contractor Fincantieri Marine Group Hit by Cyberattack"A US commercial and defense shipbuilder with ties to the government was hit by a ransomware attack on April 12. Fincantieri Marine Group (FMG) stated that it experienced a cybersecurity incident that caused a temporary disruption to certain…
-
"SolarWinds Platform Update Patches High-Severity Vulnerabilities"Two high-severity vulnerabilities that were patched recently in SolarWinds Platform could lead to command execution and privilege escalation. The most severe of the two issues is CVE-2022-36963 (CVSS score of 8.8), which is described as a command…