Cybersecurity
Category Added in a WPeMatico Campaign
Sep 13, 2023THNVulnerability / Browser Security Mozilla on Tuesday released security updates to resolve a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in the wild, a day after Google released a fix for the issue in its Chrome browser. The shortcoming, assigned the identifier CVE-2023-4863, is a heap buffer overflow […]
The WiKI-Eve attack is designed to intercept WiFi signals during password entry, so it’s a real-time attack that must be carried out while the target actively uses their smartphone and attempts to access a specific application.
Reported ransomware attacks on organizations in the United Kingdom reached record levels last year, when criminals compromised data on potentially more than 5.3 million people from over 700 organizations, according to a surprisingly neglected dataset published by the Information Commissioner’s Office (ICO). The true count of ransomware incidents is a known unknown for officials trying […]
Sep 12, 2023THNSoftware Security / Vulnerability A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw “could allow an attacker to exploit a race condition within GitHub’s repository creation and username renaming operations,” Checkmarx security researcher Elad Rapoport said in a technical report […]
Hospitality and entertainment giant MGM Resorts on Monday said a “cybersecurity issue” forced the shutdown of certain computer systems, including the websites for some of the biggest Las Vegas and New York properties. A brief note posted to X (the website formerly known as Twitter) said external cybersecurity experts and law enforcement are involved in […]
SaaS applications are the backbone of modern businesses, constituting a staggering 70% of total software usage. Applications like Box, Google Workplace, and Microsoft 365 are integral to daily operations. This widespread adoption has transformed them into potential breeding grounds for cyber threats. Each SaaS application presents unique security challenges, and the landscape constantly evolves as […]
Google has started to roll out its new interest-based advertising platform called the Privacy Sandbox, shifting the tracking of user’s interests from third-party cookies to the Chrome browser.
Sep 12, 2023THNCritical Infrastructure Security A threat actor called Redfly has been linked to a compromise of a national grid located in an unnamed Asian country for as long as six months earlier this year using a known malware referred to as ShadowPad. “The attackers managed to steal credentials and compromise multiple computers on the […]
Investigations have begun into a massive ransomware attack that has affected Sri Lanka’s government cloud system, Lanka Government Cloud (LGC). The investigation is being conducted by the Sri Lanka Computer Emergency Readiness Team and Coordination Center (CERT|CC). Sri Lanka’s Information and Communication Technology Agency (ICTA) confirmed the attack to several local news outlets on September […]