Security Issues, Vulnerabilities, Exploits & Government Alerts
Apr 03, 2024NewsroomWeb Security / Vulnerability A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password hashes. The flaw, designated as CVE-2024-2879, carries…
Apr 02, 2024NewsroomFirmware Security / Vulnerability The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.4 ATTENTION: Exploitable from adjacent network/Low attack complexity Vendor: IOSiX Equipment: IO-1020 Micro ELD Vulnerabilities: Use of Default Credentials, Download of Code Without Integrity Check 2. RISK EVALUATION…
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) announces a new dedicated High-Risk Communities webpage today with cybersecurity resources for civil society communities at heightened risk of facing digital security threats because of their work.…
Cloud solutions are more mainstream – and therefore more exposed – than ever before. In 2023 alone, a staggering 82% of data breaches were against public, private, or hybrid cloud environments. What’s more, nearly 40%…
Apr 02, 2024NewsroomCyber Espionage / Threat Intelligence A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. “Earth Freybug is a cyberthreat group…
Apr 02, 2024NewsroomBrowser Security / Data Security Google has agreed to purge billions of data records reflecting users’ browsing activities to settle a class action lawsuit that claimed the search giant tracked them without their…
Apr 02, 2024NewsroomMalvertising / Threat Intelligence The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of…
Apr 01, 2024NewsroomCryptocurrency / Financial Fraud The Indian government said it has rescued and repatriated about 250 citizens in Cambodia who were held captive and coerced into running cyber scams. The Indian nationals “were lured…
CISA Urges Partnerships So We Can All Be “Resilient Together” WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) kicks off the third annual Emergency Communications Month to honor the nation’s emergency responders and communicators, emphasizing…