Cybersecurity
Category Added in a WPeMatico Campaign
Cyberattacks in Arizona and Missouri have limited local resident access to critical services used by thousands of people. In Arizona, a cyberattack brought down the systems of Mt. Graham Regional Medical Center (MGRMC). The 25-bed hospital in Safford, Arizona, is the primary source of healthcare for both Graham and Greenlee Counties, which have a combined […]
Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a testament to this trend. By targeting a platform-agnostic runtime environment common in modern web apps and employing multi-layer obfuscation, Lu0Bot is a serious threat to organizations and individuals. Although currently, the malware has low activity, […]
Oct 05, 2023NewsroomCyber Espionage / Cyber Threat A governmental entity in Guyana has been targeted as part of a cyber espionage campaign dubbed Operation Jacana. The activity, which was detected by ESET in February 2023, entailed a spear-phishing attack that led to the deployment of a hitherto undocumented implant written in C++ called DinodasRAT. The […]
Two of the world’s largest email providers said Tuesday that they will take several new steps to rein in bulk senders and prevent spam. In its announcement, Yahoo noted that many bulk senders don’t set systems up properly, which can lead to “malicious actors” exploiting them undetected. Across the first quarter of 2024, Yahoo said […]
Server and computer hardware giant Supermicro has released updates to address multiple vulnerabilities in Baseboard Management Controllers (BMC) IPMI firmware. The issues (tracked as CVE-2023-40284 to CVE-2023-40290) could allow remote attackers to gain root access to the BMC system, firmware supply chain security firm Binarly, which identified the bugs, explains. A special chip on server […]
Oct 05, 2023NewsroomMobile Security / crypto A new Android banking trojan named GoldDigger has been found targeting several financial applications with an aim to siphon victims’ funds and backdoor infected devices. “The malware targets more than 50 Vietnamese banking, e-wallet and crypto wallet applications,” Group-IB said. “There are indications that this threat might be poised […]
Identity & Access Management , Multi-factor & Risk-based Authentication , Security Operations Uno’s Design Wisdom Will Accelerate Rollout of Okta’s First-Ever Consumer Product Michael Novinson (MichaelNovinson) • October 4, 2023 Okta purchased a password manager founded by a former Google engineer and backed by Andreessen Horowitz to get a foothold in the consumer […]
The vulnerability, which affects CER version 12.5(1)SU4, could be exploited to execute arbitrary commands as the root user. Admins are urged to update their vulnerable installations promptly, as there are no temporary workarounds available.
Oct 05, 2023NewsroomVulnerability / Cyber Attack The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence. The vulnerabilities newly added are below – CVE-2023-42793 (CVSS score: 9.8) […]