Internet Security

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

January 31, 2024 add comment
Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. In early January 2024, software firm Ivanti reported that threat actors... Read more »

Data leak at fintech giant Direct Trading Technologies

January 31, 2024 add comment
Sensitive data and trading activity of over 300K traders leaked online by international fintech firm Direct Trading Technologies. Direct Trading Technologies, an international fintech company, jeopardized over 300K traders... Read more »

Root access vulnerability in GNU Library C (glibc) impacts many Linux distros

January 30, 2024 add comment
Qualys researchers discovered a root access flaw, tracked as CVE-2023-6246, in GNU Library C (glibc) affecting multiple Linux distributions. The Qualys Threat Research Unit discovered four security vulnerabilities in... Read more »

Italian data protection authority said that ChatGPT violated EU privacy laws

January 30, 2024 add comment
Italian data protection authority regulator authority Garante said that ChatGPT violated European Union data privacy regulations. The Italian data protection authority regulator authority, known as “Garante per la protezione... Read more »

750 million Indian mobile subscribers’ data offered for sale on dark web

January 30, 2024 add comment
Data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January. CloudSEK researchers warned that a database containing data of 750... Read more »

Juniper Networks released out-of-band updates to fix high-severity flaws

January 30, 2024 add comment
Juniper Networks released out-of-band updates to fix high-severity flaws in SRX Series and EX Series that can allow attackers to take over unpatched systems. Juniper Networks has released out-of-band updates to address... Read more »

Cactus ransomware gang claims the Schneider Electric hack

January 30, 2024 add comment
Energy management and industrial automation firm Schneider Electric suffered a data breach after a Cactus ransomware attack. Schneider Electric is a multinational company that specializes in energy management, industrial... Read more »

Mercedes-Benz accidentally exposed sensitive data, including source code

January 29, 2024 add comment
Researchers discovered that Mercedes-Benz accidentally left a private key online exposing internal data, including the company’s source code. RedHunt Labs researchers discovered that Mercedes-Benz unintentionally left a private key... Read more »

Experts detailed Microsoft Outlook flaw that can leak NTLM v2 hashed passwords

January 29, 2024 add comment
A flaw in Microsoft Outlook can be exploited to access NTLM v2 hashed passwords by tricking users into opening a specially crafted file. The vulnerability CVE-2023-35636 impacting Microsoft Outlook... Read more »

NSA buys internet browsing records from data brokers without a warrant

January 29, 2024 add comment
The U.S. National Security Agency (NSA) admitted to buying internet browsing records from data brokers to monitor Americans’ activity online without a court order. U.S. Senator Ron Wyden, D-Ore.,... Read more »
Subscribe to our Newsletter