Cybersecurity
Category Added in a WPeMatico Campaign
Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has interesting ramifications in the world of cyber security, specifically vulnerability management. In this article, we discuss omission bias in vulnerability management, particularly vulnerability remediation, and how […]
The British government has told business leaders to “toughen up” their protections against cyberattacks and prioritize the threat as a key business risk similar to financial and legal challenges. It follows a government survey that identified “insufficient director involvement” in their organization’s cybersecurity, with just 30% of businesses having “board members or trustees explicitly responsible […]
A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30. Slovak cybersecurity firm ESET is tracking the advanced persistent threat (APT) group under the name Blackwood. It’s said to be active since at least 2018. […]
Jan 25, 2024NewsroomThreat Intelligence / Malware Research A new Go-based malware loader called CherryLoader has been discovered by threat hunters in the wild to deliver additional payloads onto compromised hosts for follow-on exploitation. Arctic Wolf Labs, which discovered the new attack tool in two recent intrusions, said the loader’s icon and name masquerades as the […]
Both Juniper Networks and Ivanti have attracted criticism from members of the infosec industry for the way they’ve handled the disclosure of vulnerabilities over the past week.
Teenpatti.com and (Mobile Premier League)Mpl.live, two prominent online gaming platforms in India, may have experienced a data breach. Allegedly, a cybercriminal known as ‘roshtosh’ has put up for sale data claimed to be stolen from these platforms. The online gaming data breach, disclosed on January 22, 2024, following the threat activity on January 20, 2024, […]
Jamf Threat Labs researchers warned against pirate applications distributing a backdoor to macOS users. The researchers noticed the apps appeared similar to ZuRu malware and allowed attackers to download and execute multiple payloads to compromise machines. First discovered According to researchers, the pirated applications are hosted on Chinese pirating websites. They first came across the […]
The flaw affects several versions of GitLab and patches have already been released. The servers at risk are mainly located in the United States, Germany, Russia, China, France, the U.K., India, and Canada.
CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog Pierluigi Paganini January 25, 2024 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Atlassian Confluence Data Center and Server Template Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Atlassian Confluence Data Center and Server Template […]