Cybersecurity
Category Added in a WPeMatico Campaign
Sep 29, 2023THNArtificial Intelligence / Malware Malicious ads served inside Microsoft Bing’s artificial intelligence (AI) chatbot are being used to distribute malware when searching for popular tools. The findings come from Malwarebytes, which revealed that unsuspecting users can be tricked into visiting booby-trapped sites and installing malware directly from Bing Chat conversations. Introduced by Microsoft […]
Cybercrime , Fraud Management & Cybercrime , Governance & Risk Management Proposed Class Action Claim Against Amerita Linked to Larger PharMerica Breach Marianne Kolbasuk McGee (HealthInfoSec) • September 28, 2023 Image: Shutterstock Specialty infusion company Amerita is facing a proposed federal class action lawsuit in the wake of a March cyberattack on its […]
Sep 29, 2023THNServer Security / Vulnerability Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc Transfer Module and in the WS_FTP Server manager interface. Tracked as CVE-2023-40044, the flaw has a CVSS score of 10.0, indicating maximum severity. All versions of the software are […]
Sep 29, 2023THNVulnerability / Network Security Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated remote attacker to achieve remote code execution on affected systems. The medium-severity vulnerability is tracked as CVE-2023-20109, and has a CVSS score of 6.6. It impacts […]
More than 3.8 billion records have been exposed after digital protection firm DarkBeam left an interface containing the exposed records unprotected. The leak was discovered on September 18 by CEO of cyber security news site SecurityDiscovery, Bob Diachenko, who alerted DarkBeam to the leak. The digital protection firm immediately addressed the vulnerability and closed the leak […]
Sep 28, 2023THNSupply Chain / Malware A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. “The malicious code exfiltrates the GitHub project’s defined secrets to a malicious C2 server and modify any existing javascript files in the attacked […]
The Cybersecurity and Infrastructure Security Agency launched its first-ever national public service campaign to raise awareness of cybersecurity in local communities, including for families and small businesses. The Secure our World campaign is designed to teach people and businesses in local communities how to stay safe online. The campaign includes public service announcements on television, […]
The attackers utilized typosquatting and code modifications to trick developers into installing malicious packages and continuously refined their techniques to evade detection.
Caesars Entertainment is facing multiple class action lawsuits from hotel guests alleging the company was negligent for allowing their sensitive personal data to be stolen in a social engineering attack. Caesars disclosed earlier this month that its guest rewards database was stolen after hackers launched an attack against an IT support vendor. Security researchers say […]