Nov 09, 2023The Hacker NewsEmail Security / SaaS Security While intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information to external entities, putting confidential data at risk of exposure to unauthorized parties. Wing Security (Wing), a SaaS security company, announced yesterday that their SaaS shadow […]
Nov 09, 2023NewsroomCyber Attack / Malware Iranian nation-state actors have been observed using a previously undocumented command-and-control (C2) framework called MuddyC2Go as part of attacks targeting Israel. “The framework’s web component is written in the Go programming language,” Deep Instinct security researcher Simon Kenin said in a technical report published Wednesday. The tool has been […]
NI’s updated take on the classic modular controller offers even better integration with the Traktor software. Greg Scarth finds out what the new X1 has to offer for Traktor DJs. The original Traktor Kontrol X1 was released in 2009 and helped to define the idea of the modular controller. Designed for use with the first […]
The government council for Scotland’s Western Isles said it is dealing with an IT outage that forced it to provide temporary phone numbers for services. The Comhairle nan Eilean Siar — which governs the more than 470,000 people living on the chain of islands on Scotland’s western coast — said access to the IT system […]
The US government has launched a new campaign designed to encourage critical infrastructure (CNI) stakeholders to enhance cyber-resilience in their organizations. The “Shields Ready” initiative is intended to complement the successful “Shields Up” campaign. Unlike the latter, which was focused on helping all organizations and individuals to prepare for, respond to and mitigate cyber-attacks, Shields Ready […]
Nov 09, 2023NewsroomCyber Attack / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-29552 (CVSS score: 7.5), the issue relates to a denial-of-service (DoS) vulnerability that could be […]
The North Korea-based BlueNoroff APT group has been linked with a new malware strain that is being used to target macOS systems. Dubbed ObjCShellz, the malware shares similarities with the RustBucket malware campaign, which came to light earlier this year. Diving in details Jamf Threat Labs first came across the malware while investigating a Mach-O […]
Cloud monitoring, log management, and SIEM tools provider Sumo Logic is urging customers to change credentials following the discovery of a security breach. The company revealed on Tuesday that a “potential security incident” discovered on November 3 involved unauthorized access to a Sumo Logic AWS account through the use of compromised credentials. There is no […]
Royal Mail jeopardizes users with open redirect flaw Pierluigi Paganini November 08, 2023 Royal Mail has left an open redirect vulnerability on one of its sites, exposing its customers to phishing attacks and malware infections. The centuries-old Royal Mail is the largest courier company in the UK, boasting twice the market share of Amazon. The […]