Online Security
-
Russian Turla APT Group Deploying New Backdoor on Targeted Systems
State-sponsored hackers affiliated with Russia are behind a new series of intrusions using a previously undocumented implant to compromise systems…
Read More » -
SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices
Network security company SonicWall has addressed a critical security vulnerability affecting its Secure Mobile Access (SMA) 100 series appliances that…
Read More » -
Don’t buy Chinese phones says Lithuania, due to Censorship Concerns
Lithuania Defense Ministry recommended that consumers avoid buying Chinese mobile phones as they have built-in censorship capabilities.
Read More » -
Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability
Google on Friday rolled out an emergency security patch to its Chrome web browser to address a security flaw that’s…
Read More » -
Apple’s New iCloud Private Relay Service Leaks Users’ Real IP Addresses
A new as-yet unpatched weakness in Apple’s iCloud Private Relay feature could be circumvented to leak users’ true IP addresses…
Read More » -
A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit
Security researchers have disclosed an unpatched weakness in Microsoft Windows Platform Binary Table (WPBT) affecting all Windows-based devices since Windows…
Read More » -
Microsoft Warns of a Wide-Scale Phishing-as-a-Service Operation
Microsoft has opened the lid on a large-scale phishing-as-a-service (PHaaS) operation that’s involved in selling phishing kits and email templates…
Read More » -
Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug
Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe’s ColdFusion 9 software in minutes to remotely…
Read More » -
Europol Busts Major Crime Ring, Arrests Over 100 Online Fraudsters
Law enforcement agencies in Italy and Spain have dismantled an organized crime group linked to the Italian Mafia that was…
Read More » -
Update Google Chrome to Patch 2 New Zero-Day Flaws Under Attack
Google on Monday released security updates for Chrome web browser to address a total of 11 security issues, two of…
Read More » -
Exabytes hit by a Ransomware Attack, Hacker demands USD 900k
One of Malaysia's largest web hosting company, Exabytes, was hit by a ransomware attack this morning, affecting its hosting services.
Read More » -
Critical Flaws Discovered in Azure App That Microsoft Secretly Installs on Linux VMs
Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused…
Read More » -
New Malware Targets Windows Subsystem for Linux to Evade Detection
A number of malicious samples have been created for the Windows Subsystem for Linux (WSL) with the goal of compromising…
Read More » -
Travis CI Flaw Exposes Secrets of Thousands of Open Source Projects
Continuous integration vendor Travis CI has patched a serious security flaw that exposed API keys, access tokens, and credentials, potentially…
Read More » -
Download the Essential Guide to Response Automation
In the classic children’s movie ‘The Princess Bride,’ one of the characters utters the phrase, “You keep using that word.…
Read More » -
Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide
Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that’s actively…
Read More » -
New SpookJS Attack Bypasses Google Chrome’s Site Isolation Protection
A newly discovered side-channel attack demonstrated on modern processors can be weaponized to successfully overcome Site Isolation protections weaved into…
Read More » -
WhatsApp to Finally Let Users Encrypt Their Chat Backups in the Cloud
WhatsApp on Friday announced it will roll out support for end-to-end encrypted chat backups on the cloud for Android and…
Read More » -
Mēris Botnet Hit Russia’s Yandex With Massive 22 Million RPS DDoS Attack
Russian internet giant Yandex has been the target of a record-breaking distributed denial-of-service (DDoS) attack by a new botnet called…
Read More » -
Moving Forward After CentOS 8 EOL
The Linux community was caught unprepared when, in December 2020, as part of a change in the way Red Hat…
Read More » -
Russian Ransomware Group REvil Back Online After 2-Month Hiatus
The operators behind the REvil ransomware-as-a-service (RaaS) staged a surprise return after a two-month hiatus following the widely publicized attack…
Read More » -
3 Ways to Secure SAP SuccessFactors and Stay Compliant
The work-from-anywhere economy has opened up the possibility for your human resources team to source the best talent from anywhere.…
Read More » -
Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server
The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to…
Read More » -
ProtonMail Shares Activist’s IP Address With Authorities Despite Its “No Log” Claims
End-to-end encrypted email service provider ProtonMail has drawn criticism after it ceded to a legal request and shared the IP…
Read More » -
Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack
Microsoft has shared technical details about a now-fixed, actively exploited critical security vulnerability affecting SolarWinds Serv-U managed file transfer service…
Read More »