News
-
"Hackers Exploit Control Web Panel Flaw to Open Reverse Shells"A recently patched critical vulnerability in Control Web Panel (CWP), formerly known as CentOS Web Panel, is being exploited by hackers. This tool is used to manage servers. The security flaw, tracked as CVE-2022-44877, has a critical severity rating of…
-
"FortiOS Flaw Was Exploited to Compromise Governmental Targets (CVE-2022-42475)"A critical vulnerability in FortiOS SSL-VPN, tracked as CVE-2022-42475, for which Fortinet released updates in November 2022, has been exploited by attackers to compromise government or government-related targets, according to the company. According to…
-
"Cybercriminals Using Polyglot Files in Malware Distribution to Fly Under the Radar"Remote Access Trojans (RATs) such as StrRAT and Ratty are being delivered as a combination of polyglot and malicious Java archive (JAR) files, further demonstrating how threat actors are constantly discovering new ways to evade detection. Simon Kenin, a…
-
"Next Clean Energy Cyber Cohort Will Focus on Identifying Rogue Assets"The Department of Energy (DOE) is seeking cybersecurity-savvy innovators to join the second cohort of its Clean Energy Cybersecurity Accelerator (CECA) program. DOE is searching for ways to inventory all systems connected to the energy grid, including…
-
"Google Chrome 'SymStealer' Vulnerability Could Affect 2.5 Billion Users"The Chromium vulnerability (tracked CVE-2022-3656) discovered by Imperva security researchers in July 2022 and patched in September could still affect 2.5 billion users if they don't update their browsers. Security researchers at Imperva stated…
-
"Recently Disclosed Vulnerability Exploited to Hack Hundreds of SugarCRM Servers"Exploitation of a critical vulnerability affecting the widely used SugarCRM customer relationship management system was seen just days after someone made public an exploit. It is currently unclear how long the vulnerability has been known and…
-
"The Guardian Confirms Personal Information Compromised in Ransomware Attack"British news organization The Guardian has confirmed that personal information was compromised in a ransomware attack in December 2022. The company fell victim to the attack just days before Christmas, when it instructed staff to work from home,…
-
"Cisco Warns of Critical Vulnerability in EoL Small Business Routers"Cisco recently announced that no patches will be released for a critical-severity vulnerability impacting small business RV016, RV042, RV042G, and RV082 routers, which have reached end of life (EoL). Tracked as CVE-2023-20025 (CVSS score of 9.0),…
-
"Severe Vulnerabilities Allow Hacking of Asus Gaming Router"Cisco’s Talos security researchers have published technical information on three severe vulnerabilities impacting Asus RT-AX82U routers. The RT-AX82U, a Wi-FI 6 gaming router, can be configured via an HTTP server that is running on the local…
-
"Twitter: Leak of 200 Million Accounts Not Due to Historic Bug"According to Twitter, a trove of over 200 million Twitter account records up for sale on the dark web recently was not obtained by any compromise of the social media firm’s IT systems. Twitter said that the dataset was the same as that cited in…
-
"Royal Mail Halts International Deliveries After Cyber-Incident"The UK’s postal service has recently warned customers of “severe service disruption” for items sent abroad after it suffered an unspecified “cyber-incident.” The postal service stated that it was temporarily unable to dispatch items to overseas…
-
"ChatGPT Is Enabling Script Kiddies to Write Functional Malware"Since its beta release in November 2022, the Artificial Intelligence (AI) chatbot ChatGPT has been used to perform various tasks, such as writing poetry, technical papers, novels, and more. Malware development and other forms of cybercrime can now be…