Internet Security

Lazarus APT exploits Zoho ManageEngine flaw to target an Internet backbone infrastructure provider

August 24, 2023 add comment
The North Korea-linked Lazarus group exploits a critical flaw in Zoho ManageEngine ServiceDesk Plus to deliver the QuiteRAT malware. The North Korea-linked APT group Lazarus has been exploiting a... Read more »

Lapsus$ member has been convicted of having hacked multiple high-profile companies

August 24, 2023 add comment
An 18-year-old member of the Lapsus$ gang has been convicted of having helped hack multiple high-profile companies. A teenage member of the Lapsus$ data extortion group, Arion Kurtaj (18), was... Read more »

More than 3,000 Openfire servers exposed to attacks using a new exploit

August 24, 2023 add comment
Researchers warn that more than 3,000 unpatched Openfire servers are exposed to attacks using an exploit for a recent flaw. Vulncheck researchers discovered more than 3,000 Openfire servers vulnerable... Read more »

DoJ charged Tornado Cash founders with laundering more than $1 billion

August 23, 2023 add comment
The U.S. DoJ charged two men with operating the Tornado Cash service and laundering more than $1 Billion in criminal proceeds. The U.S. Justice Department charged two Tornado Cash... Read more »

FBI identifies wallets holding cryptocurrency funds stolen by North Korea

August 23, 2023 add comment
The U.S. FBI warned that North Korea-linked threat actors may attempt to cash out stolen cryptocurrency worth more than $40 million. The Federal Bureau of Investigation shared details about... Read more »

Carderbee APT targets Hong Kong orgs via supply chain attacks

August 23, 2023 add comment
A previously unknown APT group, tracked as Carderbee, was behind a supply chain attack against Hong Kong organizations. Symantec Threat Hunter Team reported that a previously unknown APT group,... Read more »

TP-Link Tapo L530E smart bulb flaws allow hackers to steal user passwords

August 23, 2023 add comment
Four vulnerabilities in the TP-Link Tapo L530E smart bulb and impacting the mobile app used to control them expose users to hack. Researchers from the University of Catania (Italy)... Read more »

Defense contractor Belcan leaks admin password with a list of flaws

August 22, 2023 add comment
US Government and defense contractor Belcan left its super admin credentials open to the public, Cybernews research team reveals. Belcan is a government, defense, and aerospace contractor offering global... Read more »

Akira ransomware gang spotted targeting Cisco VPN products to hack organizations

August 22, 2023 add comment
The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The Akira ransomware has been active since March 2023, the... Read more »

CISA adds critical Adobe ColdFusion flaw to its Known Exploited Vulnerabilities catalog

August 22, 2023 add comment
US CISA added critical vulnerability CVE-2023-26359 in Adobe ColdFusion to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added a critical flaw CVE-2023-26359 (CVSS score 9.8) affecting Adobe ColdFusion... Read more »
Subscribe to our Newsletter