Internet Security

A TrickBot malware developer sentenced to 64 months in prison

January 27, 2024 add comment
The Russian national malware developer Vladimir Dunaev was sentenced to more than 5 years in prison for his role in the TrickBot operation. The Russian national Vladimir Dunaev (40)... Read more »

Russian Midnight Blizzard APT is targeting orgs worldwide, Microsoft warns

January 26, 2024 add comment
Microsoft revealed that Russia-linked APT Midnight Blizzard has been targeting organizations worldwide in a cyberespionage campaign. Microsoft announced that the Russia-linked APT Midnight Blizzard that hit the company in... Read more »

Watch out, experts warn of a critical flaw in Jenkins

January 26, 2024 add comment
Jenkins maintainers addressed several security vulnerabilities, including a critical remote code execution (RCE) flaw. Jenkins is the most popular open source automation server, it is maintained by CloudBees and the... Read more »

Pwn2Own Automotive 2024 Day 2 – Tesla hacked again

January 26, 2024 add comment
Researchers hacked the Tesla infotainment system and found 24 zero-days on day 2 of Pwn2Own Automotive 2024 hacking competition. White hat hackers from the Synacktiv Team (@Synacktiv) compromised the... Read more »

Yearly Intel Trend Review: The 2023 RedSense report

January 25, 2024 add comment
The 2023 RedSense report covers long-term observations we have made regarding intel trends and interconnectivity. These observations were made by analyzing numerous 2023 threat findings and discoveries, and include... Read more »

Cisco warns of a critical bug in Unified Communications products, patch it now!

January 25, 2024 add comment
Cisco addressed a critical flaw in its Unified Communications and Contact Center Solutions products that could lead to remote code execution. Cisco released security patches to address a critical... Read more »

Russia-linked APT group Midnight Blizzard hacked Hewlett Packard Enterprise (HPE)

January 25, 2024 add comment
Hewlett Packard Enterprise (HPE) revealed that Russia-linked APT group Midnight Blizzard gained access to its Microsoft Office 365 email system. Hewlett Packard Enterprise (HPE) revealed that alleged Russia-linked cyberespionage... Read more »

CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog

January 25, 2024 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Atlassian Confluence Data Center and Server Template Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency... Read more »

5379 GitLab servers vulnerable to zero-click account takeover attacks

January 24, 2024 add comment
Thousands of GitLab servers are vulnerable to zero-click account takeover attacks exploiting the flaw CVE-2023-7028. GitLab has recently released security updates to address two critical vulnerabilities impacting both the... Read more »

Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204

January 24, 2024 add comment
Researchers released PoC exploit code for a recently disclosed critical authentication bypass flaw in Fortra’s GoAnywhere MFT (Managed File Transfer). Researchers with cybersecurity firm Horizon3’s Attack Team published technical details of... Read more »
Subscribe to our Newsletter