Internet Security

Citrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and Gateway

December 13, 2022 add comment
Citrix urges customers to update their installs to fix actively exploited zero-day (CVE-2022-27518) in Citrix ADC and Gateway. Citrix urges administrators to apply security updates for a zero-day vulnerability,... Read more »

Lockbit ransomware gang hacked California Department of Finance

December 13, 2022 add comment
LockBit ransomware gang hacked the California Department of Finance and threatens to leak data stolen from its systems. The LockBit ransomware gang claims to have stolen 76Gb from the... Read more »

Experts detailed a previously undetected VMware ESXi backdoor

December 13, 2022 add comment
A new Python backdoor is targeting VMware ESXi servers, allowing attackers to take over compromised systems. Juniper Networks researchers spotted a previously undocumented Python backdoor targeting VMware ESXi servers.... Read more »

Twitter says recently leaked user data are from 2021 breach

December 13, 2022 add comment
Twitter confirmed that the recent leak of members’ profile information resulted from the 2021 data breach disclosed in August 2022. Twitter confirmed that the recent data leak of millions... Read more »

Fortinet urges customers to fix actively exploited FortiOS SSL-VPN bug

December 12, 2022 add comment
Fortinet fixed an actively exploited FortiOS SSL-VPN flaw that could allow a remote, unauthenticated attacker to execute arbitrary code on devices. Fortinet urges customers to update their installs to address... Read more »

Indian foreign ministry’s Global Pravasi Rishta portal leaks expat passport details

December 12, 2022 add comment
The Cybernews research team reported that India’s government platform Global Pravasi Rishta Portal was leaking sensitive user data. Original post @ https://cybernews.com/security/indias-foreign-ministry-leaks-passport-details/ The Global Pravasi Rishta Portal, India’s government... Read more »

Cryptomining campaign targets Linux systems with Go-based CHAOS Malware

December 12, 2022 add comment
Researchers spotted a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). In November 2022, Trend Micro researchers discovered a cryptocurrency mining campaign targeting Linux users with... Read more »

Evilnum group targets legal entities with a new Janicab variant

December 12, 2022 add comment
A hack-for-hire group dubbed Evilnum is targeting travel and financial entities with the new Janicab malware variant. Kaspersky researchers reported that a hack-for-hire group dubbed Evilnum is targeting travel and financial entities.... Read more »

TrueBot infections were observed in Clop ransomware attacks

December 12, 2022 add comment
Researchers reported an increase in TrueBot infections, attackers have shifted from using malicious emails as their primary delivery method to other techniques. Cisco Talos researchers reported an increase in TrueBot infections, threat actors... Read more »

Pwn2Own Toronto 2022 Day 4: $989K awarded for 63 unique zero-days

December 11, 2022 add comment
The Pwn2Own Toronto 2022 is ended, and the participants earned a total of $989,750 for 63 unique zero-day exploits. The Zero Day Initiative’s Pwn2Own Toronto 2022 hacking competition has... Read more »
Subscribe to our Newsletter