News
-
"US, Australian Cybersecurity Agencies Publish List of 2021's Top Malware"The US Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) have published a joint advisory to detail the top malware strains of 2021. The ACSC and CISA have been monitoring ransomware, rootkits, spyware…
-
"NHS Cyberattack Delays Ambulances"The NHS is currently battling a ransomware attack that has disrupted patient referrals, appointment bookings, and other operations. The health service is working through its incident response process after managed service provider Advanced first…
-
"Zero-Day Bug Responsible for Massive Twitter Breach"Twitter recently revealed that a zero-day vulnerability in Twitter's code base was responsible for a major data breach that is thought to have affected 5.4 million users. Twitter stated the threat actor who exploited the vulnerability is hoping to…
-
"Android Apps Are Invasive and Unsafe: Study"According to researchers from Germany's University of Passau, the way apps fingerprint user behavior poses a greater risk to user privacy than browser fingerprinting. The researchers claimed in a preprint published on arXiv that fingerprints in hybrid…
-
"Senate Bill Aims to Boost Cyber Support for Small Business at State Level"Sen. Maggie Hassan, D-NH, has introduced legislation that aims to strengthen small businesses' cybersecurity posture by providing funding to Small Business Development Centers assisting businesses with security. The Small Business Cybersecurity Act would…
-
"GAO Warns Coast Guard of IT and OT Cybersecurity Vulnerabilities"The US Coast Guard intends is planning to invest $93 million in fiscal year 2022 to upgrade its IT systems and infrastructure in order to address long-standing problems. However, according to a new report from the Government Accountability Office (GAO),…
-
"Slack Forces Password Resets After Discovering Software Flaw"Workplace productivity software giant Slack recently forced password resets for a tiny fraction of its users after the discovery of a security flaw that exposed Slack credentials. Slack alerted users to the issue via email and followed up with a…
-
"GwisinLocker Ransomware Targets Linux Systems in South Korea"Researchers at ReversingLabs discovered a new ransomware family targeting Linux-based systems in South Korea. Dubbed GwisinLocker, the malware was detected by researchers on July 19 while undertaking successful campaigns targeting firms in the…
-
"Zimbra Credential Theft Vulnerability Exploited in Attacks"The US Cybersecurity and Infrastructure Security Agency (CISA) recently informed organizations that a recently patched vulnerability affecting the Zimbra enterprise email solution has been exploited in attacks. The security hole is tracked as CVE-…
-
"DHS Warns of Critical Flaws in Emergency Alert System Devices"The US Department of Homeland Security (DHS) issued a warning that attackers could use critical security flaws in unpatched Emergency Alert System (EAS) encoder/decoder devices to send fake emergency alerts over TV and radio networks. In the event of a…
-
"Hackers Exploit Atlassian Confluence Vulnerability to Deploy New 'Ljl' Backdoor"Cybersecurity experts at Deepwatch spotted activity from threat actors that "highly likely" exploited a security flaw in the Atlassian Confluence server (CVE-2022-26134) to deploy a new backdoor dubbed "Ljl" against several unnamed organizations. …
-
"A Growing Number of Malware Attacks Leveraging Dark Utilities 'C2-as-a-Service'"Dark Utilities is a new service that has already attracted 3,000 users because of its ability to provide command-and-control (C2) services with the goal of commandeering compromised systems. It is marketed as a way to enable remote access, command…