Sep 20, 2023THNNetwork Security / Vulnerability Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and information disclosure. The four security vulnerabilities, tracked from CVE-2023-40931 through CVE-2023-40934, impact Nagios XI versions 5.11.1 and lower. Following responsible disclosure on August 4, 2023, They have been patched […]
Pizza Hut’s Australian operations have been hit by a cyber-attack, the company says, with customer data including delivery addresses and order details stolen in the hack. In an email to customers on Wednesday, Pizza Hut Australia’s chief executive, Phil Reed, said the company became aware in early September that there had been “unauthorised third party” […]
Ransomware attackers remain a major threat to the United States and are on pace to have their second most profitable year ever, the Department of Homeland Security said in an annual report. The findings were part of the department’s 2024 Homeland Threat Assessment report released last week, which outlined a range of issues related to […]
Cloud Security , Security Operations Deal Will Offer Visibility Into Application Behavior, Vulnerability Prioritization Michael Novinson (MichaelNovinson) • September 19, 2023 CrowdStrike plans to purchase a Silicon Valley application security startup founded by two Israel Defense Forces veterans in a bid to expand risk visibility and protection across entire cloud computing environments. See […]
Key Takeaways Proofpoint has observed an increase in activity from specific malware families targeting Chinese-language speakers. Campaigns include Chinese-language lures and malware typically associated with Chinese cybercrime activity. Newly observed ValleyRAT is emerging as a new malware among Chinese-themed cybercrime activity, while Sainbox RAT and related variants are recently active as well. The increase in […]
The Sonatype Security Research team is currently tracking an ongoing campaign on the npm registry that uses npm packages to retrieve and exfiltrate your Kubernetes configuration and SSH keys to an external server.
Sep 20, 2023THNCyber Crime / Dark Web Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade since May 2022. “The site operated as a hidden service in the encrypted TOR network,” the Finnish Customs (aka Tulli) said in a brief announcement on Tuesday. “The […]
A cyberattack on a small city in Kansas has disrupted the government’s email, phone and online payment systems. Pittsburg — home to about 20,000 people along the state’s border with Missouri and Oklahoma — said it discovered the incident over the weekend. The attack caused an IT outage that limited government systems but did not […]
At present, there is no available information regarding the extent of the cyberattack’s nature and impact on the ICC’s systems or whether the perpetrators managed to access or exfiltrate any data or files from its network.