Internet Security

OWASP Top 10 for LLM (Large Language Model) applications is out!

August 3, 2023 add comment
The OWASP Top 10 for LLM (Large Language Model) Applications version 1.0 is out, it focuses on the potential security risks when using LLMs. OWASP released the OWASP Top 10... Read more »

Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bug

August 3, 2023 add comment
Researchers discovered a bypass for a recently fixed actively exploited vulnerability in Ivanti Endpoint Manager Mobile (EPMM). Rapid7 cybersecurity researchers have discovered a bypass for the recently patched actively... Read more »

Russian APT29 conducts phishing attacks through Microsoft Teams

August 3, 2023 add comment
Russia-linked APT29 group targeted dozens of organizations and government agencies worldwide with Microsoft Teams phishing attacks. Microsoft Threat Intelligence reported that Russia-linked cyberespionage group APT29  (aka SVR group, Cozy Bear, Nobelium, Midnight... Read more »

Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks

August 2, 2023 add comment
Researchers warn that hundreds of Citrix servers have been hacked in an ongoing campaign exploiting the RCE CVE-2023-3519. Security researchers from the non-profit organization Shadowserver Foundation reported that hundreds... Read more »

Zero-day in Salesforce email services exploited in targeted Facebook phishing campaign

August 2, 2023 add comment
Experts spotted a spear-phishing Facebook campaign exploiting a zero-day vulnerability in Salesforce email services. Researchers from Guardio Labs uncovered a sophisticated phishing campaign exploiting a zero-day vulnerability in Salesforce... Read more »

Burger King forgets to put a password on their systems, again

August 2, 2023 add comment
The fast food giant Burger King put their systems and data at risk by exposing sensitive credentials to the public for a second time. Original post @https://cybernews.com/security/burger-king-data-leak/ Burger King... Read more »

CISA adds second Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog

August 2, 2023 add comment
US CISA added a second actively exploited Ivanti ‘s Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the... Read more »

NodeStealer 2.0 takes over Facebook Business accounts and targets crypto wallets

August 1, 2023 add comment
Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. Palo Alto Network Unit 42 discovered a previously unreported phishing campaign... Read more »

US govt is hunting a Chinese malware that can interfere with its military operations

August 1, 2023 add comment
The US government believes that China has deployed malware in key US power and communications networks that can be activated in case of a conflict. American intelligence officials believe... Read more »

WikiLoader malware-as-a-service targets Italian organizations

August 1, 2023 add comment
Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in... Read more »
Subscribe to our Newsletter