News
-
"New Study Reveals Loophole in Digital Wallet Security—Even if Rightful Cardholder Doesn't Use a Digital Wallet"Over 5.3 billion people are expected to use digital wallets such as Apple Pay, Google Pay, and PayPal by the year 2026.
-
"SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day"The US cybersecurity agency CISA recently warned that a fresh critical-severity vulnerability in SolarWinds Web Help Desk has been exploited in attacks.
-
"Russian Hackers Using Fake Brand Sites to Spread DanaBot and StealC Malware"Researchers have discovered a sophisticated information stealer campaign that distributes "DanaBot" and "StealC" malware by impersonating legitimate brands.
-
"Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign"Palo Alto Networks found a threat actor extorting organizations after compromising their cloud environments using accidentally exposed environment variables.
-
"Geopolitical Tensions Drive Explosion in DDoS Attacks"According to Radware, Distributed Denial-of-Service (DDoS) attacks increased by 265 percent in the first half of 2024 compared to the same period in 2023.
-
"New Banshee Stealer macOS Malware Priced at $3,000 Per Month"Cybercriminals are advertising a new macOS malware that they claim is capable of stealing a wide range of data from compromised systems. The malware is called Banshee Stealer and is believed to have been developed by Russian threat actors.
-
"ATM Software Flaws Left Piles of Cash for Anyone Who Knew to Look"Independent researcher Matt Burch presented findings on "financial" or "enterprise" ATMs used in banks and other large institutions at the DEF CON hacking conference.
-
"Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw"Security experts urge Windows system administrators to patch a pre-auth Remote Code Execution (RCE) vulnerability in the Windows TCP/IP stack, warning that zero-click exploitation is highly likely.
-
"GitHub Vulnerability 'ArtiPACKED' Exposes Repositories to Potential Takeover"A new attack vector in GitHub Actions artifacts, called "ArtiPACKED," could be used to take over repositories and access organizations' cloud environments.
-
"Advanced ValleyRAT Campaign Hits Windows Users in China"Researchers at FortiGuard Labs have uncovered a sophisticated "ValleyRAT" malware campaign targeting Windows users in China. The threat actors behind the campaign seek to take over compromised machines.
-
"Ransomware Attacks on Industrial Firms Surged in Q2 2024"According to security researchers at Dragos, there was a significant increase in ransomware attacks on industrial organizations in the second quarter of 2024 compared to the previous quarter.