Cybersecurity
Category Added in a WPeMatico Campaign
Threat actor leveraging patched vulnerabilities to send high-volume campaigns to targets in Europe and North America
Dec 06, 2023NewsroomCyber Threat / Vulnerability A collection of 21 security flaws have been discovered in Sierra Wireless AirLink cellular routers and open-source software components like TinyXML and OpenNDS. Collectively tracked as Sierra:21, the issues expose over 86,000 devices across critical sectors like energy, healthcare, waste management, retail, emergency services, and vehicle tracking to cyber […]
Kali Linux 2023.4, the latest version of the Linux distribution for ethical hackers and cybersecurity professionals, has been released. It includes fifteen new tools and the GNOME 45 desktop environment.
IT services company HTC Global Services has confirmed that it has suffered a cyberattack. The ALPHV ransomware gang has leaked screenshots of stolen data, including passports, contact lists, emails, and confidential documents.
In an increasingly complex and fast-paced digital landscape, organizations strive to protect themselves from various security threats. However, limited resources often hinder security teams when combatting these threats, making it difficult to keep up with the growing number of security incidents and alerts. Implementing automation throughout security operations helps security teams alleviate these challenges by […]
Dec 06, 2023NewsroomVulnerability / Web Server Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain initial access to government servers. “The vulnerability in ColdFusion (CVE-2023-26360) presents as an improper access control issue and exploitation of this CVE can result […]
Dec 06, 2023NewsroomSoftware Security / Vulnerability Atlassian has released software fixes to address four critical flaws in its software that, if successfully exploited, could result in remote code execution. The list of vulnerabilities is below – CVE-2022-1471 (CVSS score: 9.8) – Deserialization vulnerability in SnakeYAML library that can lead to remote code execution in multiple […]
Dec 06, 2023NewsroomVulnerability / Mobile Security Chipmaker Qualcomm has released more information about three high-severity security flaws that it said came under “limited, targeted exploitation” back in October 2023. The vulnerabilities are as follows – CVE-2023-33063 (CVSS score: 7.8) – Memory corruption in DSP Services during a remote call from HLOS to DSP. CVE-2023-33106 (CVSS […]
Dec 05, 2023NewsroomMobile Security / Spyware A new “post-exploitation tampering technique” can be abused by malicious actors to visually deceive a target into believing that their Apple iPhone is running in Lockdown Mode when it’s actually not and carry out covert attacks. The novel method, detailed by Jamf Threat Labs in a report shared with […]