Jan 22, 2024NewsroomVulnerability / Malware Cybersecurity researchers are warning of a “notable increase” in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised hosts. “The web shells are concealed within an unknown binary format and are designed to evade security and signature-based scanners,” Trustwave said. […]
Last updated 22 January, 2024 As a DJ, unless you spin with records or CDs exclusively (which very few people do nowadays), you are going to need to choose a DJ software platform. This is one of the biggest decisions you’ll make in your DJing, akin to a music producer deciding if they want to […]
Last updated 21 January, 2024 The new iRig Stream Mic USB is an affordable USB mic that’s really good for DJs wanting to add a microphone to DJ livestreams when streaming with a Mac, Windows PC or even with a tablet. That’s because as well as a high-quality directional condenser mic, this unit is also […]
Jan 20, 2024NewsroomZero Day / Cyber Espionage An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021. “UNC3886 has a track record of utilizing zero-day vulnerabilities […]
The breach was facilitated by a password spray attack on a non-production test tenant account lacking two-factor authentication, highlighting the importance of robust account security measures.
Suspicions have been raised about a potential data leak from mobile service providers or a breach in the SMS provider used for OTP code delivery as the possible cause of the hacks.
Jan 20, 2024NewsroomNetwork Security / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products. The development came after the vulnerabilities – […]
Jan 20, 2024NewsroomCyber Espionage / Emails Security Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company’s cybersecurity and legal departments. The Windows maker attributed the attack to a Russian […]
The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as WasabiSeed and Screenshotter. The campaign, observed earlier this month and blocked by Proofpoint on January 11, 2024, involved sending thousands of invoice-themed emails targeting North America bearing decoy PDF files. […]