Researchers have discovered 21 vulnerabilities in a popular brand of industrial router. On Dec. 7 at Black Hat Europe, analysts from Forescout will reveal the bugs — including one of 9.6 “Critical” severity on the CVSS scale, and nine “High” severity — affecting a brand of operational technology (OT)/Internet of Things (IoT) routers especially common […]
MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. MITRE ATT&CK v14 ATT&CK’s goal is to catalog and categorize behaviors of cyber adversaries in real-world attacks. The framework is constantly being adapted to include new and modified behaviors related […]
Canada on Monday banned popular Chinese messaging app WeChat and Russian platform Kaspersky from government smartphones and other mobile devices, citing privacy and security risks. The suite of applications would be immediately removed from government-issued devices and users will be blocked from downloading them in the future, said a statement. Treasury Board President Anita Anand, […]
The maker of the popular optimization app CCleaner has confirmed hackers stole a trove of personal information about its paid customers following a data breach in May. In an email sent to customers, Gen Digital, the multinational software company that owns CCleaner, Avast, NortonLifeLock and Avira brands, said that the hackers exploited a vulnerability in […]
Popular typing assistant Grammarly said it has fixed vulnerabilities affecting user logins after being notified by a security company of the issues. The bugs affected social sign-in — when someone accesses a web service through their existing credentials for a platform like Facebook or Google — and were caused by issues with implementations of Open […]
Threat actors are known for impersonating popular brands in order to trick users. In a recent malvertising campaign, we observed a malicious Google ad for KeePass, the open-source password manager which was extremely deceiving. We previously reported on how brand impersonations are a common occurrence these days due to a feature known as tracking templates, but this […]
A new report by Trellix reveals that Discord, a popular communication platform, is being increasingly used by hackers, including advanced persistent threat (APT) groups, to target critical infrastructure.
A vulnerability affecting a widely used tool embedded in web browsers and a separate bug in a popular file transfer tool are being exploited by hackers, according to both government officials and cybersecurity experts. The Cybersecurity and Infrastructure Security Agency (CISA) warned on Monday that hackers are exploiting CVE-2023-5217 — a vulnerability affecting Google’s Chrome […]