Cybersecurity

Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices

Dec 01, 2023NewsroomFirewall / Network Security Zyxel has released patches to address 15 security issues impacting network-attached storage (NAS), firewall, and access point (AP) devices, including three critical flaws that could lead to authentication bypass and command injection. The three vulnerabilities are listed below – CVE-2023-35138 (CVSS score: 9.8) – A command injection vulnerability that […]

Cybersecurity

Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws

Dec 01, 2023NewsroomSpyware / Threat Analysis Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software. The vulnerabilities, both of which reside in the WebKit web browser engine, are described […]

Cybersecurity

Associated Press, ESPN, CBS among top sites serving fake virus alerts | Malwarebytes

ScamClub is a threat actor who’s been involved in malvertising activities since 2018. Chances are you probably ran into one of their online scams on your mobile device. Confiant, the firm that has tracked ScamClub for years, released a comprehensive report in September while also disrupting their activities. However, ScamClub has been back for several […]

Cybersecurity

Behind the Attack: LUMMA Malware – Perception Point

Perception Point’s team of researchers recently investigated a malware attack aimed to bypass threat detection engines. The sophisticated attack was caught by our advanced threat prevention platform; the payload was detected by our next-gen sandboxing technology. Read on to learn more. Distribution In this campaign, the attacker impersonates a financial services company and sends the […]

Cybersecurity

Booking.com Customers Scammed in Novel Social Engineering Campaign

Booking.com customers are being targeted by a novel social engineering campaign, which is “paying serious dividends” for cybercriminals, according to new research by Secureworks. The researchers said the campaign, which they believe has been running for at least a year, begins by deploying the Vidar infostealer to gain access partner hotels’ Booking.com credentials. This information is […]