News
-
"AWS Fixes 1-Click Apache Airflow Session Hijack Flaw"Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) had a vulnerability that enabled session hijacking with a single click.
-
"Siemens, Other Vendors Patch Critical ICS Product Vulnerabilities"The US Cybersecurity and Infrastructure Security Agency (CISA) recently released 15 advisories addressing serious vulnerabilities in industrial control products from Siemens, Mitsubishi Electric, Delta Electronics, and more.
-
"Microsoft Patches Xbox Vulnerability Following Public Disclosure"Microsoft has recently released a patch for an Xbox vulnerability after initially telling the reporting researcher that it was not a security issue. The vulnerability is tracked as CVE-2024-2891, and it impacts Xbox Gaming Services.
-
"How AI Can Be Hacked With Prompt Injection: NIST Report"In "Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations," the National Institute of Standards and Technology (NIST) defines different Adversarial Machine Learning (AML) tactics and cyberattacks, as well as provides guida
-
"RaaS Groups Increasing Efforts to Recruit Affiliates"According to GuidePoint Security, smaller Ransomware-as-a-Service (RaaS) groups are trying to recruit new and "displaced" LockBit and Alphv/BlackCat affiliates by offering better payout splits, full-time support, and more.
-
"'Fluffy Wolf' Spreads Meta Stealer in Corporate Phishing Campaign"A threat actor, tracked as "Fluffy Wolf," is spreading different types of malware using accounting report lures in a phishing campaign that relies on malicious and legitimate software.
-
"Study Uncovers 27% Spike in Ransomware; 8% Yield to Demands"According to the 2024 Thales Data Threat Report, ransomware attacks increased by 27 percent in 2023, with 8 percent of impacted organizations deciding to pay the demanded ransom.
-
"CISA Shares Critical Infrastructure Defense Tips Against Chinese Hackers"The US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and several other agencies in the US and around the world urge critical infrastructure leaders to protect the
-
"1 in 4 Organizations Shut Down OT Operations Due to Cyberattacks: Survey"According to a survey commissioned by Palo Alto Networks, many industrial organizations are hit with cyberattacks, which result in the shutdown of Operational Technology (OT) processes in a significant percentage of cases.
-
"BunnyLoader 3.0 Surfaces in the Threat Landscape'"Researchers have discovered a new variant of the "BunnyLoader" malware with a modular structure and improved evasion capabilities.
-
"EPA Floats Task Force to Address Cyberattacks on Water Infrastructure"Recent cyberattacks on water plants have driven the US Environmental Protection Agency (EPA) to form a task force aimed at addressing the security risks that water infrastructure providers face.
-
"'Lifelock' Hacker Pleads Guilty to Extorting Medical Clinics"Robert Purbeck, an Idaho man who hacked and extorted medical clinics and a police department, has pleaded guilty in Georgia federal court to computer fraud and abuse charges.