Internet Security

CISA adds second Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog

August 2, 2023 add comment
US CISA added a second actively exploited Ivanti ‘s Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the... Read more »

NodeStealer 2.0 takes over Facebook Business accounts and targets crypto wallets

August 1, 2023 add comment
Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. Palo Alto Network Unit 42 discovered a previously unreported phishing campaign... Read more »

US govt is hunting a Chinese malware that can interfere with its military operations

August 1, 2023 add comment
The US government believes that China has deployed malware in key US power and communications networks that can be activated in case of a conflict. American intelligence officials believe... Read more »

WikiLoader malware-as-a-service targets Italian organizations

August 1, 2023 add comment
Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in... Read more »

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printers

August 1, 2023 add comment
Canon warns that sensitive data on the Wi-Fi connection settings stored in the memories of inkjet printers may not be deleted during initialization. Canon warns that sensitive information on... Read more »

Experts discovered a previously undocumented initial access vector used by P2PInfect worm

July 31, 2023 add comment
Cado Security observed a new variant of the P2PInfect worm targets Redis servers with a previously undocumented initial access vector. In July, Palo Alto Networks Unit 42 researchers discovered... Read more »

Experts link AVRecon bot to the malware proxy service SocksEscort

July 31, 2023 add comment
The AVRecon botnet relies on compromised small office/home office (SOHO) routers since at least May 2021. In early July, researchers from Lumen Black Lotus Labs discovered the AVRecon botnet... Read more »

Three flaws in Ninja Forms plugin for WordPress impact 900K sites

July 31, 2023 add comment
Experts warn of vulnerabilities impacting the Ninja Forms plugin for WordPress that could be exploited for escalating privileges and data theft. The Ninja Forms plugin for WordPress is affected... Read more »

Experts warn attackers started exploiting Citrix ShareFile RCE flaw CVE-2023-24489

July 31, 2023 add comment
Researchers warn that threat actors started exploiting Citrix ShareFile RCE vulnerability CVE-2023-24489 in the wild. Citrix ShareFile is a widely used cloud-based file-sharing application, which is affected by the... Read more »

In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issues

July 30, 2023 add comment
Google’s Threat Analysis Group Google states that more than 40% of zero-day flaws discovered in 2022 were variants of previous issues. The popular Threat Analysis Group (TAG) Maddie Stone... Read more »
Subscribe to our Newsletter