Cybersecurity
Category Added in a WPeMatico Campaign
A new malvertising campaign is targeting corporate users who are downloading the popular web conferencing software Webex. Threat actors have bought an advert that impersonates Cisco’s brand and is displayed first when performing a Google search. We are releasing this blog to warn users about this threat as the malicious ad has been online for almost […]
Israeli security startup Zenity has landed $16.5 million in new venture capital funding to work on technology to secure the ‘low-code/no-code’ dev ecosystem. Zenity said the Series A financing was led by Intel Capital and included new investors from Gefen Capital and B5. Existing backers Vertex Ventures and Upwest also expanded equity stakes. The company […]
A new ransomware family dubbed 3AM has emerged in the threat landscape. It was detected in an attack by a LockBit affiliate who attempted to deploy the ransomware when LockBit was blocked on the targeted network. Diving in details It begins with the use of the gpresult command to retrieve the policy settings for a […]
Two new high-severity Kubernetes vulnerabilities leave all Windows endpoints on an unpatched cluster open to remote code execution (RCE) with system privileges. Akamai has released a new report flagging the two Kubernetes vulnerabilities, and urged system administrators to take immediate steps to mitigate. The find was built on previous research into Windows nodes vulnerability CVE-2023-3676 […]
Sep 14, 2023THNEndpoint Security / Vulnerability A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. “Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run […]
The governing body for soccer in the Netherlands said this week that it paid a ransom to hackers who breached its systems earlier this year and stole the sensitive data of more than more than 1.2 million employees and members. The Royal Dutch Football Association (KNVB) didn’t say how large the ransom was, but it […]
Sep 14, 2023THNSupply Chain / Malware A download manager site served Linux users malware that stealthily stole passwords and other sensitive information for more than three years as part of a supply chain attack. The modus operandi entailed establishing a reverse shell to an actor-controlled server and installing a Bash stealer on the compromised system. […]
Employee offboarding is no one’s favorite task, yet it is a critical IT process that needs to be executed diligently and efficiently. That’s easier said than done, especially considering that IT organizations have less visibility and control over employees’ IT use than ever. Today, employees can easily adopt new cloud and SaaS applications whenever and […]
The number of claimants in a class action lawsuit against Capita, a UK company, is increasing following a cybersecurity breach in March. Manchester-based law firm, Barings Law, sent a legal letter to Capita in June after receiving numerous enquiries.