Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems

Feb 29, 2024NewsroomMalware / Endpoint Security The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages,…

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a…

President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations

U.S. President Joe Biden has issued an Executive Order that prohibits the mass transfer of citizens’ personal data to countries of concern. The Executive Order also “provides safeguards around other activities that can give those…

Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors

Feb 28, 2024NewsroomCyber Espionage / Malware An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East,…

FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks

Feb 28, 2024NewsroomRansomware / Healthcare The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month. “Since mid-December 2023, of the nearly 70…

Building Your Privacy-Compliant Customer Data Platform (CDP) with First-Party Data

Feb 28, 2024The Hacker NewsWebinar / Privacy In today’s digital era, data privacy isn’t just a concern; it’s a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences…

How to Bridge Privileged Access Management and Identity Management

Feb 28, 2024The Hacker NewsZero Trust / Cyber Threat Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than blocking access with firewalls.…

TimbreStealer Malware Spreading via Tax-themed Phishing Scam Targets IT Users

Feb 28, 2024NewsroomPhishing Attack / Malware Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer. Cisco Talos, which discovered the activity,…

Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28’s MooBot Threat

Feb 28, 2024NewsroomFirmware Security / Vulnerability In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet…

WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

Feb 27, 2024NewsroomVulnerability / Website Security A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed…

« Previous
1
…
174
175
176
177
178
…
206
Next »