Security Issues, Vulnerabilities, Exploits & Government Alerts
?Jan 22, 2024?NewsroomPrivacy / Technology The U.S. Federal Trade Commission (FTC) is continuing to clamp down on data brokers by prohibiting InMarket Media from selling or licensing precise location data. The settlement is part of…
?Jan 22, 2024?NewsroomVulnerability / Malware Cybersecurity researchers are warning of a “notable increase” in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised hosts. “The…
?Jan 20, 2024?NewsroomZero Day / Cyber Espionage An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical…
?Jan 20, 2024?NewsroomNetwork Security / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited…
?Jan 20, 2024?NewsroomCyber Espionage / Emails Security Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior…
The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as WasabiSeed and Screenshotter. The campaign, observed earlier this month and…
?Jan 19, 2024?NewsroomMalware / Endpoint Security Pirated applications targeting Apple macOS users have been observed containing a backdoor capable of granting attackers remote control to infected machines. “These applications are being hosted on Chinese pirating…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 24-01 in response to observed widespread and active exploitation of vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure appliances by malicious cyber threat…
In the current digital landscape, data has emerged as a crucial asset for organizations, akin to currency. It’s the lifeblood of any organization in today’s interconnected and digital world. Thus, safeguarding the data is of…
?Jan 19, 2024?NewsroomSoftware Security / Spyware A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised Windows machines. The package, named “oscompatible,” was published on January…