Posts by External News-Site
Atlassian Confluence High-Severity Bug Allows Code Execution
Because of the role the Confluence Server plays in managing documentation and knowledge data bases, the researchers recommend users upgrade to patch CVE-2024-21683 as soon as possible.
Read MoreBreachForums Returns Just Weeks After FBI Seizure – Honeypot or Blunder?
The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure.
Cybersecurity researchers and dark web trackers Brett Callow, Dark Web Informer, and FalconFeeds revealed the site’s online return at breachforums[.]st – one of the dismantled sites – by a user named ShinyHunters,
Over 90 malicious Android apps with 5.5M installs found on Google Play
Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity. […]
Read MoreAttackers Target Check Point VPNs to Access Corporate Networks
Using VPNs as an initial access vector is ironic, given that security is the very reason enterprises employ them in the first place.
Read MoreMoroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud
Microsoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that’s behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks.
“Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate,” the company said in its latest Cyber Signals report. “We’ve seen some examples where
6 Facts About How Interpol Fights Cybercrime
So you think you know Interpol? Here are some key details of how this international law enforcement entity disrupts cybercrime worldwide.
Read MoreGoogle Discovers Fourth Zero-Day in Less Than a Month
The tech company has rolled out fixes for a type confusion vulnerability that has already been exploited by malicious actors.
Read MoreBacklogs at National Vulnerability Database prompt action from NIST and CISA
Backlogs at the US National Vulnerability Database (NVD), a critical source of information about security flaws in software, have reached crisis proportions, prompting federal agencies to seek help from the private sector.
Read MoreSingapore Cybersecurity Update Puts Cloud Providers on Notice
The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.
Read MoreMicrosoft Windows DWM Zero-Day Poised for Mass Exploit
CVE-2024-30051, under active exploit, is the most concerning out of this month’s Patch Tuesday offerings, and already being abused by several QakBot actors.
Read More