News
-
"Senate Bill Aims to Boost Cyber Support for Small Business at State Level"Sen. Maggie Hassan, D-NH, has introduced legislation that aims to strengthen small businesses' cybersecurity posture by providing funding to Small Business Development Centers assisting businesses with security. The Small Business Cybersecurity Act would…
-
"GAO Warns Coast Guard of IT and OT Cybersecurity Vulnerabilities"The US Coast Guard intends is planning to invest $93 million in fiscal year 2022 to upgrade its IT systems and infrastructure in order to address long-standing problems. However, according to a new report from the Government Accountability Office (GAO),…
-
"Slack Forces Password Resets After Discovering Software Flaw"Workplace productivity software giant Slack recently forced password resets for a tiny fraction of its users after the discovery of a security flaw that exposed Slack credentials. Slack alerted users to the issue via email and followed up with a…
-
"GwisinLocker Ransomware Targets Linux Systems in South Korea"Researchers at ReversingLabs discovered a new ransomware family targeting Linux-based systems in South Korea. Dubbed GwisinLocker, the malware was detected by researchers on July 19 while undertaking successful campaigns targeting firms in the…
-
"Zimbra Credential Theft Vulnerability Exploited in Attacks"The US Cybersecurity and Infrastructure Security Agency (CISA) recently informed organizations that a recently patched vulnerability affecting the Zimbra enterprise email solution has been exploited in attacks. The security hole is tracked as CVE-…
-
"DHS Warns of Critical Flaws in Emergency Alert System Devices"The US Department of Homeland Security (DHS) issued a warning that attackers could use critical security flaws in unpatched Emergency Alert System (EAS) encoder/decoder devices to send fake emergency alerts over TV and radio networks. In the event of a…
-
"Hackers Exploit Atlassian Confluence Vulnerability to Deploy New 'Ljl' Backdoor"Cybersecurity experts at Deepwatch spotted activity from threat actors that "highly likely" exploited a security flaw in the Atlassian Confluence server (CVE-2022-26134) to deploy a new backdoor dubbed "Ljl" against several unnamed organizations. …
-
"A Growing Number of Malware Attacks Leveraging Dark Utilities 'C2-as-a-Service'"Dark Utilities is a new service that has already attracted 3,000 users because of its ability to provide command-and-control (C2) services with the goal of commandeering compromised systems. It is marketed as a way to enable remote access, command…
-
"Over 60% of Organizations Expose SSH to the Internet"Security researchers at ExtraHop have found that most global organizations are exposing sensitive and insecure protocols to the public internet, potentially increasing their attack surface. The researchers analyzed a range of enterprise IT…
-
"New Malware Woody RAT Has Been Targeting Russian Institutions"Unidentified attackers have specifically targeted Russian businesses with malware that allows remote control and data theft from infected machines. According to Malwarebytes, one of the Russian enterprises targeted by this spyware is a government-…
-
"35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort?"In a typosquatting effort to impersonate legitimate projects, a hacker using the handle "Pl0xP" cloned a large number of GitHub repositories and slightly changed the cloned repository names, potentially infecting any software that imported the code.…
-
"The Microsoft Team Racing to Catch Bugs Before They Happen"As cybercriminals, state-backed hackers, and scammers continue to flood the zone with digital attacks and aggressive campaigns around the world, Microsoft, the maker of the ubiquitous Windows operating system, is focusing on security defense. Microsoft's…