-
"Malicious Tor Browser Installers Spread Via Darknet Video on YouTube"Cybersecurity researchers at Kasperksky have recently identified multiple infections via malicious Tor Browser installers spread via an explanatory video about the Darknet on YouTube. The YouTube channel in question has more than 180,000…
-
"Dell to Open Zero-Trust Center of Excellence"Dell Technologies has announced that, in collaboration with CyberPoint International and the Maryland Innovation Security Institute (MISI), it will open a zero-trust Center of Excellence at the US Cyber Command's DreamPort facility in Columbia, Maryland…
-
"Social Media Account Hijacking Jumps 1,000% in Last 12 Months"According to the Identity Theft Resource Center (ITRC), social media account hijacking has grown significantly within the last 12 months. Its 2022 Consumer Impact Report revealed that social media takeovers increased by 1,000 percent during the period.…
-
"Critical Vulnerabilities Expose Parking Management System to Hacker Attacks"
Nearly a dozen vulnerabilities have recently been found in a car parking management system made by Italian company Carlo Gavazzi, which makes electronic control components for building and industrial automation. The flaws were discovered by…
-
"Bug Exploitation Now Top Ransomware Access Vector"Security researchers at Secureworks found that vulnerability exploitation accounted for 52% of ransomware incidents over the past 12 months, making it the number one initial access vector for threat actors. The researchers stated that exploitation…
-
"Collective Defense — Integrated Cyber Expertise Hardens Cybersecurity"Every October, the National Cybersecurity Alliance (NCSA) and the Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) join industry and government to raise awareness about cybersecurity and best practices for all…
-
"Researchers Outline the Lazarus APT Offensive Toolset"Researchers at ESET discovered and examined a set of malicious tools used by the Lazarus Advanced Persistent Threat (APT) group in attacks at the end of 2021. The campaign began with spear phishing emails containing malicious Amazon-themed documents,…
-
"Bumblebee Malware Loader's Payloads Significantly Vary by Victim System"Bumblebee is a dangerous malware loader that first appeared in March. A new analysis of the malware loader reveals that its payload for systems connected to an enterprise network differs significantly from its payload for standalone systems. The malware…
-
"Fake Microsoft Exchange ProxyNotShell exploits for sale on GitHub"
Scammers are posing as security researchers and selling fake proof-of-concept (POC) ProxyNotShell exploits for newly discovered Microsoft Exchange zero-day vulnerabilities. The cybersecurity firm GTSC disclosed that two new zero-day vulnerabilities in…
-
"CISA Orders Federal Agencies to Regularly Track Network Assets and Vulnerabilities"The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has issued a new Binding Operational Directive (BOD) requiring federal agencies across the country to keep track of assets and vulnerabilities on their networks…
-
"Telstra Suffers 'Sizeable' Data Breach, Mandates Two-Step Security Upgrade"
Telstra, Australia's largest telecoms operator, has experienced a data breach and has informed customers that they must enable two-factor authentication (2FA). The announcement of enhanced security measures comes just two weeks after a similar attack on…
-
"Senators' Plan to Secure Open Source Software Involves Agencies Using More of It"
According to legislation reported by the Senate Homeland Security and Governmental Affairs Committee, top cybersecurity officials should guide agencies toward using and contributing to open-source code libraries. The Securing Open Source Software Act of…
News