Security News
Atlassian Confluence High-Severity Bug Allows Code Execution
Because of the role the Confluence Server plays in managing documentation and knowledge data bases, the researchers recommend users upgrade to patch CVE-2024-21683 as soon as possible.
Read MoreBreachForums Returns Just Weeks After FBI Seizure – Honeypot or Blunder?
The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure.
Cybersecurity researchers and dark web trackers Brett Callow, Dark Web Informer, and FalconFeeds revealed the site’s online return at breachforums[.]st – one of the dismantled sites – by a user named ShinyHunters,
Over 90 malicious Android apps with 5.5M installs found on Google Play
Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity. […]
Read MoreAttackers Target Check Point VPNs to Access Corporate Networks
Using VPNs as an initial access vector is ironic, given that security is the very reason enterprises employ them in the first place.
Read More6 Facts About How Interpol Fights Cybercrime
So you think you know Interpol? Here are some key details of how this international law enforcement entity disrupts cybercrime worldwide.
Read MoreGoogle Discovers Fourth Zero-Day in Less Than a Month
The tech company has rolled out fixes for a type confusion vulnerability that has already been exploited by malicious actors.
Read MoreBacklogs at National Vulnerability Database prompt action from NIST and CISA
Backlogs at the US National Vulnerability Database (NVD), a critical source of information about security flaws in software, have reached crisis proportions, prompting federal agencies to seek help from the private sector.
Read MoreSingapore Cybersecurity Update Puts Cloud Providers on Notice
The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.
Read MoreMicrosoft Windows DWM Zero-Day Poised for Mass Exploit
CVE-2024-30051, under active exploit, is the most concerning out of this month’s Patch Tuesday offerings, and already being abused by several QakBot actors.
Read MoreAs the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs
Scattered Spider is as active as ever, despite authorities claiming that they’re close to nailing its members.
Read More