Internet Security

Norton parent firm Gen Digital, was victim of a MOVEit ransomware attack too

June 22, 2023 add comment
Norton parent firm, Gen Digital, was the victim of a ransomware attack that exploited the recently disclosed MOVEit zero-day vulnerability. Gen Digital Inc. (formerly Symantec Corporation and NortonLifeLock) is a multinational software company that provides cybersecurity software and... Read more »

Apple addressed actively exploited zero-day flaws in iOS, macOS, and Safari

June 22, 2023 add comment
Apple rolled out security updates to address actively exploited zero-day flaws in iOS, iPadOS, macOS, watchOS, and Safari. Apple addressed a set of vulnerabilities in iOS, iPadOS, macOS, watchOS,... Read more »

Analyzing the TriangleDB implant used in Operation Triangulation

June 22, 2023 add comment
Kaspersky provided more details about Operation Triangulation, including the exploitation chain and the implant used by the threat actors. Kaspersky researchers dug into Operation Triangulation and discovered more details... Read more »

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

June 21, 2023 add comment
Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. A joint investigation conducted by Ukraine’s Computer Emergency Response Team (CERT-UA) and Recorded Future revealed that... Read more »

New Condi DDoS botnet targets TP-Link Wi-Fi routers

June 21, 2023 add comment
Researchers discovered a new strain of malware called Condi that targets TP-Link Archer AX21 (AX1800) Wi-Fi routers. Fortinet FortiGuard Labs Researchers discovered a new strain of malware called Condi that was observed exploiting a... Read more »

Critical RCE flaw CVE-2023-20887 in VMware vRealize exploited in the wild

June 21, 2023 add comment
VMware is warning customers that critical remote code execution vulnerability CVE-2023-20887 is being actively exploited in attacks. VMware is warning customers that a critical remote code execution vulnerability in... Read more »

3CX data exposed, third-party to blame

June 20, 2023 add comment
A third-party vendor of 3CX, a popular Voice over Internet Protocol (VoIP) comms provider, left an open server and exposed sensitive 3CX data. The issue went under the company’s... Read more »

New Tsunami botnet targets Linux SSH servers

June 20, 2023 add comment
Researchers warn of an ongoing Tsunami DDoS botnet campaign targeting inadequately protected Linux SSH servers. Researchers from AhnLab Security Emergency response Center (ASEC) have uncovered an ongoing hacking campaign,... Read more »

Zyxel addressed critical flaw CVE-2023-27992 in NAS Devices

June 20, 2023 add comment
Zyxel released security updates to address a critical vulnerability affecting its network-attached storage (NAS) devices. Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score:... Read more »

Tackling Data Sovereignty with DDR

June 20, 2023 add comment
Data-centric distributed resilience (DDR) offers a compelling approach to addressing data sovereignty in cybersecurity. As much of our modern life relies upon the cloud, the question of data protection... Read more »
Subscribe to our Newsletter