Uncategorized

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan 29/05/2023 at 13:05 By Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. “Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT,” the […]

React to this headline:

Don’t Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims 29/05/2023 at 12:41 By A new phishing technique called “file archiver in the browser” can be leveraged to “emulate” a file archiver software in a web browser when a victim visits a .ZIP domain. “With this phishing attack, you simulate a file archiver

React to this headline:

PyPI Implements Mandatory Two-Factor Authentication for Project Owners 29/05/2023 at 08:48 By The Python Package Index (PyPI) announced last week that every account that maintains a project on the official third-party software repository will be required to turn on two-factor authentication (2FA) by the end of the year. “Between now and the end of the

React to this headline:

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking 27/05/2023 at 12:03 By A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The shortcoming, assigned the CVE identifier CVE-2023-28131, has a severity rating of 9.6 on the CVSS scoring system. API security firm Salt Labs said the issue

React to this headline:

New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets 27/05/2023 at 12:03 By A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets.  “It has the potential to expand to other platforms as Bandit Stealer was developed

React to this headline:

New York Attorney General seeks fine over Sport Warehouse data breach 26/05/2023 at 22:15 By Online sporting goods retailer Sports Warehouse must pay the state of New York 300,000 in penalties for a data breach affecting 2.5 million consumers. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React

React to this headline:

Four additional states cite Dollar Tree with workplace hazards 26/05/2023 at 21:36 By Nine Dollar Tree locations in four states have received workplace safety violations from OSHA. Hazards include blocked exits and chemical exposure. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Severe Flaw in Google Cloud’s Cloud SQL Service Exposed Confidential Data 26/05/2023 at 20:04 By A new security flaw has been disclosed in the Google Cloud Platform’s (GCP) Cloud SQL service that could be potentially exploited to obtain access to confidential data. “The vulnerability could have enabled a malicious actor to escalate from a basic

React to this headline:

San Antonio updates security radio system 26/05/2023 at 19:03 By The Alamo Area Regional Radio System was completed for public service security. All agencies are now on the same system without needing patches. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Advisory warning issued for PRC state-sponsored cyber activity 26/05/2023 at 19:03 By The NSA and Central Security Service released a threat advisory which highlights a cluster of activity being attributed to a China state-sponsored threat group. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Why are ID fraud numbers still rising? 26/05/2023 at 16:38 By Increasing ID scams are raising the question of why technological advancements such as biometric authentication have not solved the problem. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Strengthening concert fan safety with video analytics 26/05/2023 at 16:38 By The responsibility of protecting performers, staff and visitors demands layers of planning and responsiveness driven by intelligent video solutions. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Protecting critical infrastructure with radar 26/05/2023 at 16:38 By Utility organizations, like other critical infrastructure sites, are faced with ever-present challenges to protect facilities, people and assets. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Predator Android Spyware: Researchers Sound the Alarm on Alarming Capabilities 26/05/2023 at 16:12 By Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox). Predator was first documented by Google’s Threat Analysis Group (TAG) in May 2022 as part of attacks leveraging five

React to this headline:

5 Must-Know Facts about 5G Network Security and Its Cloud Benefits 26/05/2023 at 15:16 By 5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and low latency when connecting smartphones and IoT devices to cloud infrastructure. 5G networks are a critical part of all infrastructure

React to this headline:

New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids 26/05/2023 at 10:38 By A new strain of malicious software that’s engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to a public malware scanning utility in December 2021

React to this headline:

Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances 26/05/2023 at 08:09 By Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company’s Email Security Gateway (ESG) appliances. The zero-day is being tracked as CVE-2023-2868 and has been described as

React to this headline:

Media industry cites lack of native security for public cloud issues 25/05/2023 at 21:33 By A survey found that, while media and entertainment organizations are still relatively new to cloud storage, public cloud storage use is on the rise.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React

React to this headline:

Earning the “C” in CISO: Staying secure through economic turbulence 25/05/2023 at 19:33 By With talk of a possible global recession this year, security professionals need to start anticipating the potential impacts to securing their organizations. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Zyxel Issues Critical Security Patches for Firewall and VPN Products 25/05/2023 at 18:31 By Zyxel has released software updates to address two critical security flaws affecting select firewall and VPN products that could be abused by remote attackers to achieve code execution. Both the flaws – CVE-2023-33009 and CVE-2023-33010 – are buffer overflow vulnerabilities and are rated 9.8 out

React to this headline: