Cybersecurity
Category Added in a WPeMatico Campaign
Dec 13, 2023NewsroomPatch Tuesday / Windows Security Microsoft released its final set of Patch Tuesday updates for 2023, closing out 33 flaws in its software, making it one of the lightest releases in recent years. Of the 33 shortcomings, four are rated Critical and 29 are rated Important in severity. The fixes are in addition […]
Let’s begin with a thought-provoking question: among a credit card number, a social security number, and an Electronic Health Record (EHR), which commands the highest price on a dark web forum? Surprisingly, it’s the EHR, and the difference is stark: according to a study, EHRs can sell for up to $1,000 each, compared to a […]
Dec 12, 2023NewsroomCyber Espionage / Malware The Russian nation-state threat actor known as APT28 has been observed making use of lures related to the ongoing Israel-Hamas war to facilitate the delivery of a custom backdoor called HeadLace. IBM X-Force is tracking the adversary under the name ITG05, which is also known as BlueDelta, Fancy Bear, […]
Around 1,450 instances of pfSense, an open-source firewall and router software, are vulnerable to command injection and cross-site scripting flaws. These flaws, if exploited together, could allow attackers to execute remote code on the system.
Proofpoint has warned recruiters of a skilled threat actor targeting them with emails designed to deploy malware. TA4557 is a financially motivated threat actor known to distribute the More_Eggs backdoor, which is designed to establish persistence, profile the targeted machine and drop additional payloads. Throughout 2022 and most of 2023 the actor has been replying to […]
Valve, the developer of Counter Strike 2, is expected to address the rumours surrounding the new CS2 exploit. Meanwhile, be cautious and watch out for suspicious links from unknown senders. A recently uncovered CS2 exploit (apparently an XSS vulnerability) has raised concerns within the gaming community, posing a potential threat to player security. This exploit […]
Facial recognition technology company Clearview AI has reached a settlement with plaintiffs in a class-action privacy lawsuit after a long court battle, according to a court docket entry filed November 30. The terms of the settlement are not yet public. The docket entry from an Illinois federal court noted that the parties to the case […]
Attackers have used hundreds of fake profiles on LinkedIn — many very convincing — to target professionals at companies in Saudi Arabia, not only for financial fraud, but to convince employees in specific roles to provide sensitive corporate information. In a presentation at the Black Hat Middle East and Africa conference last month, researchers said […]
The use of automated security technology is growing rapidly, which in turn is propagating the “shift everywhere” philosophy – performing security tests throughout the entire software development life cycle – across more organizations, according to Synopsys. This year’s findings revealed a clear trend of firms increasingly taking advantage of security automation to replace manual, subject […]