Cybersecurity
Category Added in a WPeMatico Campaign
Attack. Remediate. Repeat? Speak to any organization infiltrated by ransomware—the most dangerous malware in the world—and they’ll be blunt: They’d do anything to avoid getting hit twice. But ransomware attacks have been ramping up in 2023 and reinfections are occurring all over the globe, forcing lean IT teams to prepare. Why are businesses getting hit […]
Many organizations — including quite a few Fortune 500 firms — have exposed web links that allow anyone to initiate a Zoom video conference meeting as a valid employee. These company-specific Zoom links, which include a permanent user ID number and an embedded passcode, can work indefinitely and expose an organization’s employees, customers or partners […]
The flaw, introduced in glibc 2.34, highlights the severity and widespread nature of the vulnerability, emphasizing the need for immediate patching by system administrators.
Low-budget hotel chain Motel One has been the victim of a ransomware attack that exposed customers’ payment card details. News of the ransomware attack and subsequent data breach was made public on September 30, after Motel One made a post regarding it on its X page, saying: “Motel One has become the target of a hacker […]
The vulnerabilities, collectively known as “ShellTorch,” have been patched in the latest version of TorchServe (0.8.2), hence, developers are encouraged to update to ensure their systems are secure.
LightSpy, a malware deployed in a 2020 watering hole attack against iOS users, has been found to be embedded with a set of 14 plugins that are responsible for private data exfiltration. Researchers have attributed the malware to the Chinese state-sponsored APT41 group, which previously had used DragonEgg and WyrmSpy spyware to target Android users. […]
Oct 04, 2023THNEndpoint Security / Vulnerability A new Linux security vulnerability dubbed Looney Tunables has been discovered in the GNU C library’s ld.so dynamic loader that, if successfully exploited, could lead to a local privilege escalation and allow a threat actor to gain root privileges. Tracked as CVE-2023-4911 (CVSS score: 7.8), the issue is a […]
Oct 03, 2023THNZero Day / Vulnerability Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have come under active exploitation. Of the 17 flaws, three are rated Critical, 13 are rated High, and one is rated Medium in severity. “There are indications from Google Threat […]
Experts Discover Multiple Malicious npm Packages | Cyware Alerts – Hacker News The world of open-source software offers countless benefits to developers worldwide. However, with opportunities also come risks. The FortiGuard Labs team recently uncovered numerous malicious packages within npm, the most extensive software registry for JavaScript. This article delves deep into these packages, unveiling […]