Cybersecurity
Category Added in a WPeMatico Campaign
Cisco Talos has disclosed 17 vulnerabilities over the past two weeks, including nine that exist in a popular VPN software. Attackers could exploit these vulnerabilities in the SoftEther VPN solution for individual and enterprise users to force users to drop their connections or execute arbitrary code on the targeted machine. Talos’ Vulnerability Research team […]
Microsoft has been closely monitoring the activities of a threat group known as Octo Tempest. This group has emerged as a major concern for businesses across a variety of sectors due to its financially driven motives and sophisticated tactics. Octo Tempest is notorious for its broad social engineering campaigns, aiming to compromise organizations worldwide with […]
The vulnerability arises from an unauthenticated buffer-related flaw in Citrix devices, which can be exploited to gain unrestricted access to the appliances and potentially hijack user accounts.
UK lawmakers have launched an inquiry into the cyber-resilience of critical national infrastructure (CNI), claiming the country is the third most targeted globally, after the US and Ukraine. The Science, Innovation and Technology Committee will oversee the inquiry, alarmed at the proliferation of state and non-state actors using offensive cyber capabilities against UK organizations. As […]
Oct 26, 2023NewsroomCyber Threat / Social Engineering The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts and breach organizations across the world. Microsoft, which disclosed the activities of the financially motivated hacking crew, described […]
Oct 26, 2023NewsroomNetwork Security / Cyber Attack Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw called HTTP/2 Rapid Reset, 89 of which exceeded 100 million requests per second (RPS). “The campaign contributed to an overall increase of 65% in HTTP DDoS attack traffic […]
Oct 26, 2023The Hacker NewsWeb Security / Data Protection While cyberattacks on websites receive much attention, there are often unaddressed risks that can lead to businesses facing lawsuits and privacy violations even in the absence of hacking incidents. A new case study highlights one of these more common cases. Download the full case study here. […]
ServiceNow has fixed a flaw that allowed unauthenticated attackers to steal sensitive data. The flaw was highlighted by security researcher Aaron Costello, who found that the default configurations of ServiceNow’s widgets exposed personal data.
Operating since last May, an emerging ransomware strain called Rhysida was deployed along with new stealer malware called Lumar for a potent new one-two punch against Brazil’s popular PIX payment system users. Researchers from Kaspersky reported Rhysida is functioning as a ransomware-as-a-service (RaaS) operation with a demonstrated ability to quickly evolve. “It stands out for […]