Internet Security

Terrorist Activity is Accelerating in Cyberspace – Risk Precursor to Summer Olympics and Elections

July 26, 2024 add comment
Terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks. Yesterday Federal Bureau of Investigation (FBI) Director Christopher Wray expressed growing concerns over the... Read more »

Progress Software fixed critical RCE CVE-2024-6327 in the Telerik Report Server

July 25, 2024 add comment
Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report Server. Telerik Report Server is a web-based application designed for creating, managing, and delivering... Read more »

Critical bug in Docker Engine allowed attackers to bypass authorization plugins

July 25, 2024 add comment
A critical flaw in some versions of Docker Engine can be exploited to bypass authorization plugins (AuthZ) under specific circumstances. A vulnerability, tracked as CVE-2024-41110 (CVSS score of 10.0), in... Read more »

Hackers exploit Microsoft Defender SmartScreen bug CVE-2024-21412 to deliver ACR, Lumma, and Meduza Stealers

July 25, 2024 add comment
The CVE-2024-21412 flaw in the Microsoft Defender SmartScreen has been exploited to deliver information stealers such as ACR Stealer, Lumma, and Meduza. Fortinet FortiGuard Labs researchers observed a malware campaign exploiting... Read more »

Michigan Medicine data breach impacted 56953 patients

July 25, 2024 add comment
A cyber attack against Michigan Medicine resulted in the compromise of the personal and health information of approximately 57,000 patients. The academic medical center of the University of Michigan,... Read more »

U.S. CISA adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog

July 24, 2024 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added... Read more »

China-linked APT group uses new Macma macOS backdoor version

July 24, 2024 add comment
China-linked APT group Daggerfly (aka Evasive Panda, Bronze Highland) Evasive Panda has been spotted using an updated version of the macOS backdoor Macma. The China-linked APT group Daggerfly (aka Evasive... Read more »

FrostyGoop ICS malware targets Ukraine

July 23, 2024 add comment
In April 2024, Dragos researchers spotted the malware FrostyGoop that interacts with Industrial Control Systems (ICS) using the Modbus protocol. In April 2024, Dragos researchers discovered a new ICS... Read more »

Hackers abused swap files in e-skimming attacks on Magento sites

July 23, 2024 add comment
Threat actors abused swap files in compromised Magento websites to hide credit card skimmer and harvest payment information. Security researchers from Sucuri observed threat actors using swap files in... Read more »

US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group

July 23, 2024 add comment
The US government sanctioned two Russian hacktivists for their cyberattacks targeting critical infrastructure, including breaches of water facilities. The United States sanctioned Russian hacktivists Yuliya Vladimirovna Pankratova and Denis... Read more »
Subscribe to our Newsletter