North Korean Hackers Targeted Russian Missile Developer 07/08/2023 at 20:01 By Eduard Kovacs A sanctioned Russian missile maker appears to have been targeted by two important North Korean hacking groups. The post North Korean Hackers Targeted Russian Missile Developer appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
North Korean Hackers Targeted Russian Missile Developer Read More »
Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities 04/08/2023 at 12:31 By Ionut Arghire Five Eyes government agencies have published a list of the software vulnerabilities that were most frequently exploited in malicious attacks in 2022. The post Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities appeared first on SecurityWeek. This
Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities Read More »
Salesforce Email Service Zero-Day Exploited in Phishing Campaign 03/08/2023 at 12:47 By Eduard Kovacs Threat actors have exploited a Salesforce email service zero-day vulnerability and abused Meta features in a sophisticated phishing campaign. The post Salesforce Email Service Zero-Day Exploited in Phishing Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
Salesforce Email Service Zero-Day Exploited in Phishing Campaign Read More »
Microsoft Catches Russian Government Hackers Phishing with Teams Chat App 03/08/2023 at 01:01 By Ryan Naraine Microsoft says a Russian government-linked hacking group is using its Microsoft Teams chat app to phish for credentials at targeted organizations. The post Microsoft Catches Russian Government Hackers Phishing with Teams Chat App appeared first on SecurityWeek. This article
Microsoft Catches Russian Government Hackers Phishing with Teams Chat App Read More »
Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack 01/08/2023 at 20:15 By Eduard Kovacs A new power side-channel attack named Collide+Power can allow an attacker to obtain sensitive information and it works against nearly any modern CPU. The post Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack appeared first
Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack Read More »
Ransomware Attacks on Industrial Organizations Doubled in Past Year: Report 01/08/2023 at 14:03 By Eduard Kovacs The number of ransomware attacks targeting industrial organizations and infrastructure has doubled since the second quarter of 2022, according to Dragos. The post Ransomware Attacks on Industrial Organizations Doubled in Past Year: Report appeared first on SecurityWeek. This article
Ransomware Attacks on Industrial Organizations Doubled in Past Year: Report Read More »
Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks 31/07/2023 at 13:31 By Eduard Kovacs Ivanti EPMM customers have been warned of CVE-2023-35081, a second zero-day vulnerability that has been exploited in targeted attacks. The post Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from
Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks Read More »
Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads 27/07/2023 at 17:20 By Kevin Townsend Researchers discovered two vulnerabilities in the Ubuntu OverlayFS module: CVE-2023-2640 and CVE-2023-32629 (together dubbed ‘GameOver(lay)’). The post Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
Two New Vulnerabilities Could affect 40% of Ubuntu Cloud Workloads Read More »
Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government 25/07/2023 at 13:04 By Eduard Kovacs An Ivanti EPMM product zero-day vulnerability tracked as CVE-2023-35078 has been exploited in an attack aimed at the Norwegian government. The post Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government appeared first on SecurityWeek. This article is an excerpt
Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government Read More »
Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails 21/07/2023 at 20:19 By Ryan Naraine Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online. The post Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails appeared first on SecurityWeek. This article is an excerpt
Microsoft Cloud Hack Exposed More than Exchange, Outlook Emails Read More »
Citrix Zero-Day Exploited Against Critical Infrastructure Organization 21/07/2023 at 13:33 By Eduard Kovacs CISA says the new Citrix zero day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization. The post Citrix Zero-Day Exploited Against Critical Infrastructure Organization appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View
Citrix Zero-Day Exploited Against Critical Infrastructure Organization Read More »
Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks 18/07/2023 at 14:19 By Eduard Kovacs At least two new Adobe ColdFusion vulnerabilities have been exploited in the wild, including one that has not been completely patched by the software giant. The post Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks appeared first on SecurityWeek. This article
Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks Read More »
Hacker Conversations: Inside the Mind of Daniel Kelley, ex-Blackhat 18/07/2023 at 14:19 By Kevin Townsend Daniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of UK telecoms firm TalkTalk. In 2019 he was convicted and sentenced to four years in prison.
Hacker Conversations: Inside the Mind of Daniel Kelley, ex-Blackhat Read More »
SecurityWeek Analysis: Over 210 Cybersecurity M&A Deals Announced in First Half of 2023 17/07/2023 at 15:16 By Eduard Kovacs An analysis conducted by SecurityWeek shows that more than 210 cybersecurity-related mergers and acquisitions were announced in the first half of 2022. The post SecurityWeek Analysis: Over 210 Cybersecurity M&A Deals Announced in First Half of
SecurityWeek Analysis: Over 210 Cybersecurity M&A Deals Announced in First Half of 2023 Read More »
Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day 14/07/2023 at 13:06 By Eduard Kovacs Google researchers have discovered that a Zimbra zero-day vulnerability has been exploited in the wild, with users being advised to manually patch their installations. The post Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day appeared first on SecurityWeek. This article is
Google Researchers Discover In-the-Wild Exploitation of Zimbra Zero-Day Read More »
APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure 13/07/2023 at 13:32 By Eduard Kovacs Two Rockwell Automation product vulnerabilities have been used for a new exploit by an APT group that could use it to target critical infrastructure. The post APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure appeared first on
APT Exploit Targeting Rockwell Automation Flaws Could Threaten Critical Infrastructure Read More »
Orca Sues Wiz Over Alleged Cloud Security Patent Violations 12/07/2023 at 23:18 By Ryan Naraine Orca Security sues its main rival, claiming patent infringements, intellectual property theft and even marketing copycat behavior. The post Orca Sues Wiz Over Alleged Cloud Security Patent Violations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
Orca Sues Wiz Over Alleged Cloud Security Patent Violations Read More »
A Cybersecurity Wish List Ahead of NATO Summit 10/07/2023 at 17:17 By Kevin Townsend Assuming NATO can play a greater part in the cybersecurity of its members, possibly through a more formal NATO Cyber Command, the question then becomes ‘what should we hope for?’ The post A Cybersecurity Wish List Ahead of NATO Summit appeared
A Cybersecurity Wish List Ahead of NATO Summit Read More »
Shell Confirms MOVEit-Related Breach After Ransomware Group Leaks Data 06/07/2023 at 16:05 By Eduard Kovacs Shell confirms that employee personal information has been stolen after the Cl0p ransomware group leaked data allegedly stolen from the energy giant. The post Shell Confirms MOVEit-Related Breach After Ransomware Group Leaks Data appeared first on SecurityWeek. This article is
Shell Confirms MOVEit-Related Breach After Ransomware Group Leaks Data Read More »
Army Combat Veteran to Take Over Key Election Security Role Working With State, Local Officials 01/07/2023 at 20:31 By Mike Lennon Cait Conley will coordinate with federal, state and local officials responsible for ensuring elections are secure ahead of the 2024 presidential election. The post Army Combat Veteran to Take Over Key Election Security Role