Cybersecurity
Category Added in a WPeMatico Campaign
Jan 15, 2024NewsroomOperational Technology / Network Security Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners that, if successfully exploited, could allow attackers to execute arbitrary code on affected systems. Romanian cybersecurity firm Bitdefender, which discovered the flaw in Bosch BCC100 thermostats last August, said the issue could be […]
Apple fixed a bug in Magic Keyboard that allows to monitor Bluetooth traffic Pierluigi Paganini January 15, 2024 Apple addressed a recently disclosed Bluetooth keyboard injection vulnerability with the release of Magic Keyboard firmware. Apple released Magic Keyboard Firmware Update 2.0.6 to address a recently disclosed Bluetooth keyboard injection issue tracked as CVE-2024-0230. The flaw […]
Jan 15, 2024NewsroomWebsite Security / Vulnerability Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware called Balada Injector. First documented by Doctor Web in January 2023, the campaign takes place in a series of periodic attack waves, weaponizing security flaws WordPress plugins to inject backdoor […]
Jan 15, 2024NewsroomServer Security / Cyber Attack The environmental services industry witnessed an “unprecedented surge” in HTTP-based distributed denial-of-service (DDoS) attacks, accounting for half of all its HTTP traffic. This marks a 61,839% increase in DDoS attack traffic year-over-year, web infrastructure and security company Cloudflare said in its DDoS threat report for 2023 Q4 published […]
Jan 14, 2024NewsroomCyber Attack / Vulnerability The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show. The intrusions, which targeted around 22 Danish energy organizations in May 2023, occurred in two distinct waves, one which exploited a […]
Jan 13, 2024NewsroomVulnerability / Network Security Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system. “An out-of-bounds write vulnerability in J-Web of Juniper Networks Junos OS SRX Series […]
Jan 13, 2024NewsroomCryptojacking / Cloud Security A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine with support from Europol and an unnamed cloud […]
Healthcare , Industry Specific , Legislation & Litigation ReproSource Also Agrees to Beef Up Security in Wake of 2021 Ransomware Attack Marianne Kolbasuk McGee (HealthInfoSec) • January 12, 2024 Image: ReproSource A fertility testing laboratory has agreed to improve its data security practices and pay up to $1.25 million to settle a consolidated […]
Lush, the privately-owned British cosmetics retailer with stores in North America, is “currently responding to a cyber security incident.” a spokesperson has confirmed. The company, which operates in 49 countries, also owns production facilities in Europe, Japan and Australia. It is not clear if these have been affected. Although the nature of the incident has […]