Security Issues, Vulnerabilities, Exploits & Government Alerts
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Arena Vulnerabilities: Use After Free, Out-of-bounds Write, Improper Initialization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could result…
Dec 10, 2024The Hacker NewsVulnerability / Perimeter Security In today’s rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often falls short due to…
Dec 10, 2024Ravie LakshmananCybercrime / Vishing Belgian and Dutch authorities have arrested eight suspects in connection with a “phone phishing” gang that primarily operated out of the Netherlands with an aim to steal victims’ financial…
Dec 10, 2024Ravie LakshmananCyber Espionage / Hacking News A suspected China-nexus cyber espionage group has been attributed to an attacks targeting large business-to-business IT service providers in Southern Europe as part of a campaign codenamed…
Dec 10, 2024The Hacker NewsMalware Analysis / Cyber Threat Cyber attackers never stop inventing new ways to compromise their targets. That’s why organizations must stay updated on the latest threats. Here’s a quick rundown of…
Dec 10, 2024Ravie LakshmananMalware / Cyber Attack The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that it said were aimed at defense companies in the country…
Dec 09, 2024Ravie LakshmananThreat Intelligence / Malware The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and…
Dec 09, 2024Ravie LakshmananCyber Threats / Weekly Recap This week’s cyber world is like a big spy movie. Hackers are breaking into other hackers’ setups, sneaky malware is hiding in popular software, and AI-powered scams…
Dec 09, 2024Ravie LakshmananArtificial Intelligenc / Vulnerability Details have emerged about a now-patched security flaw in the DeepSeek artificial intelligence (AI) chatbot that, if successfully exploited, could permit a bad actor to take control of…
Dec 09, 2024The Hacker NewsIdentity Security / Passwordless Identity security is all the rage right now, and rightfully so. Securing identities that access an organization’s resources is a sound security model. But IDs have their…