Cybersecurity
Category Added in a WPeMatico Campaign
One of the vulnerabilities allows remote unauthenticated attackers to execute code in the context of the service account. The other two vulnerabilities patched include a remote code execution bug and an information disclosure issue.
Global spending on security and risk management is projected to reach $215 billion next year, a 14% year-over-year increase from 2023, Gartner said Thursday in its latest forecast on the sector. Security services, the industry’s largest segment spanning consulting, IT outsourcing, implementation and hardware support, will account for 42% of all spending. The segment will […]
Clorox said all of its manufacturing facilities were back up and running following an August cyberattack that led to weeks of disruption and product shortages, according to a Friday update. The Oakland, California-based maker of Pine-Sol and household bleach, said it resumed automated order processing on Sept. 25 and was ramping up the pace of production […]
Some packages exfiltrate data via webhooks or file-sharing links, while others scan for sensitive files and directories. Users are advised to be cautious and watch for suspicious install scripts.
The effectiveness of Cloudflare’s Firewall and DDoS prevention has been proven to be compromised by an attack technique that takes the use of logical vulnerabilities in cross-tenant security policies. This finding has sparked worries about possible vulnerabilities that could damage the security company’s clients. How Does the Cloudflare Attack Work? The attack only requires the creation […]
The Android banking Trojan Zanubis has taken on a new guise, posing as the official app for the Peruvian governmental organization SUNAT (Superintendencia Nacional de Aduanas y de Administración Tributaria). Originally detected in August 2022, this malware targets financial and cryptocurrency users in Peru by impersonating legitimate Android apps. Zanubis tricks users into granting Accessibility […]
Threat actors are selling a new crypter and loader called ASMCrypt, which has been described as an “evolved version” of another loader malware known as DoubleFinger. “The idea behind this type of malware is to load the final payload without the loading process or the payload itself being detected by AV/EDR, etc.,” Kaspersky said in […]
A nonprofit institution for developing communications standards said hackers have stolen a database identifying its users. The European Telecommunications Standards Institute (ETSI) announced the incident last week. It is not yet clear whether the attack was financially motivated or if the hackers had intended to acquire the list of users for espionage purposes. Following the […]
The FBI is warning the public of a recent nationwide increase in “Phantom Hacker” scams, significantly impacting senior citizens. This Phantom Hacker scam is an evolution of more general tech support scams, layering imposter tech support, financial institution, and government personas to enhance the trust victims place in the scammers and identify the most […]