News
-
"Apple Patches Remote Code Execution Flaws in iOS, macOS"Apple recently released out-of-band patches for iOS and macOS to address two arbitrary code execution vulnerabilities in the libxml2 library. Written in the C programming language and originally developed for the Gnome project, libxml2 is a…
-
"Couple Get 40 Years for Navy Espionage Plot"A Maryland couple recently was sentenced to a combined 494 months behind bars after attempting to sell designs for the US navy’s nuclear-powered warships to a foreign power. Jonathan Toebbe, 44, of Annapolis, was sentenced to over 19 years in…
-
"Medibank Confirms Data Stolen in Breach is Now Available Online"Medibank has recently confirmed that the criminal behind a data breach that impacted roughly four million Australians has released files on a dark web forum. According to Medibank, the leaked data includes personal data like names, addresses, dates…
-
"Vulnerability in Flow Computers Used by Major Oil & Gas Companies Around the World Can Allow Attackers to Remotely Control Oil or Gas Quantities and Modify Gas Bills"The use of flow computers, which are specialized computers that calculate oil and gas volume and flow rates, is a critical component of the production and distribution of electric power. These devices monitor liquids or gases critical for process…
-
"Cisco: InterPlanetary File System Seeing 'Widespread' Abuse by Hackers"Cisco security researchers have reported the widespread abuse of new Web3 technology by threat actors. The InterPlanetary File System (IPFS) is a data storage and sharing protocol and peer-to-peer network. It is intended to allow for the decentralized…
-
"Malware Redirects 15,000 Sites in Malicious SEO Campaign"Security researchers at Sucuri have recently spotted an intriguing malware campaign designed to increase the search engine rankings of spam websites under the control of threat actors. Over 15,000 WordPress and other sites have been redirected to…
-
"Malicious 'Cloud9' Chrome Extension Operates Like a Remote Access Trojan"Researchers have discovered the "Cloud9" malicious Chrome browser extension, which steals information available during a browser session and then installs malware to take control of the entire device. Cloud9 behaves like a Remote Access Trojan (RAT) and…
-
"Some 98% of Global Firms Suffer Supply Chain Breach in 2021"According to new research by BlueVoyant, just 2% of global organizations didn’t suffer a supply chain breach last year. The researchers noted that visibility into cyber risk is getting harder as these ecosystems expand. The researchers polled…
-
"Security 'Sampling' Puts US Federal Agencies at Risk"Titania has released an independent research report investigating the impact of exploitable misconfigurations on network security in the US federal government. According to the study, "The Impact of Exploitable Misconfigurations on the Security of Agency…
-
"New Hacking Group Uses Custom 'Symatic' Cobalt Strike Loaders"'Earth Longzhi,' a previously unknown Chinese Advanced Persistent Threat (APT) hacking group, targets organizations in East Asia, Southeast Asia, and Ukraine. The threat actors have been active since at least 2020, planting persistent backdoors on…
-
"Patch ASAP: Critical Citrix, VMware Bugs Threaten Remote Workspaces With Takeover"Citrix and VMware products have critical authentication-bypass vulnerabilities, threatening devices running remote workspaces with a complete takeover, the vendors have warned. Citrix's CVE-2022-27510 critical bug, with a CVSS vulnerability-severity…
-
"Researchers Uncover PyPI Package Hiding Malicious Code Behind Image File"A malicious package found on the Python Package Index (PyPI) was discovered using a steganographic trick to conceal malicious code within image files. According to researchers at Check Point, the package in question, named "apicolor," was uploaded to the…