Internet Security

CISA adds Qualcomm flaws to its Known Exploited Vulnerabilities catalog

December 6, 2023 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds four Qualcomm vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Qualcomm vulnerabilities to its Known Exploited... Read more »

Experts demonstrate a post-exploitation tampering technique to display Fake Lockdown mode

December 6, 2023 add comment
Researchers devised a new post-exploitation tampering technique to trick users into believing that their iPhone is in Lockdown Mode. Researchers from Jamf Threat Labs devised a new post-exploit tampering... Read more »

GST Invoice Billing Inventory exposes sensitive data to threat actors

December 6, 2023 add comment
GST Invoice Billing Inventory, a business accounting app for small and medium businesses with over 1M downloads has left a database open, exposing sensitive personal and corporate data up... Read more »

Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw

December 6, 2023 add comment
The U.S. CISA warns that threat actors are actively exploiting a critical vulnerability in Adobe ColdFusion to breach government agencies. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is... Read more »

ENISA published ENISA Threat Landscape for DoS Attacks

December 5, 2023 add comment
ENISA published the ENISA Threat Landscape for DoS Attacks report to bring new insights to the DoS threat landscape. Denial-of-Service (DoS) attacks pose a persistent and significant security risk... Read more »

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

December 5, 2023 add comment
Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. Microsoft’s Threat Intelligence is warning of Russia-linked cyber-espionage group APT28... Read more »

Google fixed critical zero-click RCE in Android

December 5, 2023 add comment
Google fixed a critical zero-click RCE vulnerability (CVE-2023-40088) with the release of the December 2023 Android security updates. Google December 2023 Android security updates addressed 85 vulnerabilities, including a... Read more »

New P2PInfect bot targets routers and IoT devices

December 4, 2023 add comment
Cybersecurity researchers discovered a new variant of the P2PInfect botnet that targets routers and IoT devices. Researchers at Cado Security Labs discovered a new variant of the P2Pinfect botnet that targets... Read more »

Malvertising attacks rely on DanaBot Trojan to spread CACTUS Ransomware

December 4, 2023 add comment
Microsoft warns of ongoing malvertising attacks using the DanaBot malware to deploy the CACTUS ransomware. Microsoft uncovered ongoing malvertising attacks using the DanaBot Trojan (Storm-1044) to deploy the CACTUS... Read more »

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

December 4, 2023 add comment
The LockBit ransomware attack on the Industrial & Commercial Bank of China demonstrates the weakness of global financial system to cyberattacks. The ransomware breach that crippled U.S. Treasury trading... Read more »
Subscribe to our Newsletter