Security News
Cactus ransomware claim to steal 1.5TB of Schneider Electric data
The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company’s network last month. […]
Read MoreAnatsa Android malware downloaded 150,000 times via Google Play
The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play. […]
Read MoreCritical Internet DNS flaw found by German Researchers
In a technical report, published by German researchers they demonstrate how with just a single DNS packet they can exhaust the DNS Server CPU and stall all widely-used DNS implementations and public DNS providers, such as Google Public DNS and Cloudflare. The impact of KeyTrap attacks is far-reaching. Exploiting KeyTrap, attackers can effectively disable Internet access in any system utilizing a DNSSEC-validating DNS resolver.
Read MoreALPHV ransomware claims loanDepot, Prudential Financial breaches
The ALPHV/Blackcat ransomware gang has claimed responsibility for the recent network breaches of Fortune 500 company Prudential Financial and mortgage lender loanDepot. […]
Read MoreSolarWinds fixes critical RCE bugs in access rights audit solution
SolarWinds has patched five remote code execution (RCE) flaws in its Access Rights Manager (ARM) solution, including three critical severity vulnerabilities that allow unauthenticated exploitation. […]
Read MoreRansomHouse gang automates VMware ESXi attacks with new MrAgent tool
The RansomHouse ransomware operation has created a new tool named ‘MrAgent’ that automates the deployment of its data encrypter across multiple VMware ESXi hypervisors. […]
Read MoreMicrosoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days
Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation.
Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three and rated Moderate in severity. This is in addition to 24 flaws that have been fixed
Hackers used new Windows Defender zero-day to drop DarkMe malware
Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan (RAT). […]
Read MoreAI adoption in security taking off amid budget, trust, and skill-based issues
While the application of AI has picked up in cybersecurity, large-scale adoption still suffers from a lack of expertise, budget, and trust, according to a MixMode report.
The report, commissioned through the Ponemon Institute, surveyed 641 IT and security practitioners in the US to understand the state of AI in cybersecurity and found the adoption is still at an early stage.
Read MoreAlert: CISA Warns of Active ‘Roundcube’ Email Attacks – Patch Now
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), relates to a cross-site scripting (XSS) flaw that stems from the handling of