Cybersecurity

Flaws in public records management tool could let hackers nab sensitive data linked to requests

A popular tool used by numerous state and local governments to manage public records requests contained defects that could have allowed hackers to download troves of unsecured files tethered to records inquiries, including highly sensitive personal information like IDs, fingerprints, child welfare documentation and medical reports, Nextgov/FCW has learned. The flaws, which have been remedied, […]

Cybersecurity

Kali Linux 2024.1 released: New tools, new look, new Kali Nethunter kernels – Help Net Security

OffSec has released Kali Linux 2024.1, the latest version of its popular penetration testing and digital forensics platform. The new version comes with new tools, a fresh look (themes, wallpapers and icons for Kali and Kali Purple), a new image viewer for the Gnome desktop and a usability enhancement to the Xfce desktop (the ability […]

Cybersecurity

WordPress Plugin Alert – Critical SQLi Vulnerability Threatens 200K+ Websites

Feb 27, 2024NewsroomWebsite Security / Cryptojacking A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and […]

Data Center

6 machine learning applications for data center optimization | TechTarget

Machine learning and artificial intelligence are popular buzzwords for today’s IT professionals, but in the case of your organization’s data centers, they hold real promise. ML software actively predicts situations faster than you or your team might notice them and maybe even solves them quicker. These systems are a logical extension of today’s hybrid data […]

Cybersecurity

HijackLoader Expands Techniques to Improve Defense Evasion

HijackLoader continues to become increasingly popular among adversaries for deploying additional payloads and tooling A recent HijackLoader variant employs sophisticated techniques to enhance its complexity and defense evasion CrowdStrike detects this new HijackLoader variant using machine learning and behavior-based detection capabilities  CrowdStrike researchers have identified a HijackLoader (aka IDAT Loader) sample that employs sophisticated evasion […]

Cybersecurity

Malicious ads for restricted messaging applications target Chinese users | Malwarebytes

An ongoing campaign of malicious ads has been targeting Chinese-speaking users with lures for popular messaging applications such as Telegram or LINE with the intent of dropping malware. Interestingly, software like Telegram is heavily restricted and was previously banned in China. Many Google services, including Google search, are also either restricted or heavily censored in […]