Cybersecurity
Category Added in a WPeMatico Campaign
Google on Tuesday announced the release of Chrome 118 to the stable channel with fixes for 20 vulnerabilities, including 14 reported by external researchers. The most severe of the externally reported flaws is CVE-2023-5218, a critical bug described as a use-after-free issue in Site Isolation, Chrome’s component responsible for preventing sites from stealing other sites’ […]
A previously unidentified APT group, known as Grayling, has been targeting a range of organizations spanning the manufacturing, IT, and biomedical sectors in Taiwan since February. The group’s reach has not been confined to Taiwan alone; a Pacific Islands’ government agency and entities in both Vietnam and the U.S. have also been targeted. Diving into […]
In a recent development to the ongoing Crunchyroll privacy issues, the Crunchyroll class action lawsuit has propelled the organization to settle down with paying the users of its platform. The popular streaming service has agreed in a class action lawsuit filed against them. This class action lawsuit, which took place in a United States District Court […]
Oct 11, 2023NewsroomWebsite Security / Hacking More than 17,000 WordPress websites have been compromised in the month of September 2023 with malware known as Balada Injector, nearly twice the number of detections in August. Of these, 9,000 of the websites are said to have been infiltrated using a recently disclosed security flaw in the tagDiv […]
Oct 11, 2023NewsroomVulnerability / Exploit The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-21608 (CVSS score: 7.8), the vulnerability has been described as a use-after-free bug that can be exploited to […]
Oct 11, 2023The Hacker NewsPassword Security / Data Safety Passwords are at the core of securing access to an organization’s data. However, they also come with security vulnerabilities that stem from their inconvenience. With a growing list of credentials to keep track of, the average end-user can default to shortcuts. Instead of creating a strong […]
Cybercrime as-a-service , Fraud Management & Cybercrime , Governance & Risk Management Litigation Filed Days After Alphv/BlackCat Claimed to Have Stolen Data of 2.5 Million Patients Marianne Kolbasuk McGee (HealthInfoSec) • October 10, 2023 McLaren Health Care faces at least three proposed federal class action lawsuits so far in the aftermath of a […]
Magecart attackers have launched a new covert campaign targeting eCommerce platforms, primarily Magento and WooCommerce. Several victims, some linked to major food and retail organizations, have been ensnared by this sophisticated operation. Unlike previous Magecart attacks, this campaign exhibits advanced evasion techniques that have left many security experts puzzled. Diving into details Magecart attacks usually […]
Oct 11, 2023NewsroomVulnerability / Endpoint Security Microsoft has released its Patch Tuesday updates for October 2023, addressing a total of 103 flaws in its software, two of which have come under active exploitation in the wild. Of the 103 flaws, 13 are rated Critical and 90 are rated Important in severity. This is apart from […]