Security Issues, Vulnerabilities, Exploits & Government Alerts
Sep 04, 2024Ravie LakshmananVulnerability / Network Security Zyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized…
Sep 04, 2024The Hacker NewsSaaS Security / Browser Security Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures,…
Sep 04, 2024Ravie LakshmananGDPR / Privacy The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation…
Sep 04, 2024Ravie LakshmananMalware / Network Security A new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine…
Sep 03, 2024Ravie LakshmananRansomware / Malware A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. “Head Mare uses more up-to-date methods for…
Sep 03, 2024Ravie LakshmananEndpoint Security / Malware Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation. “It appears that Cicada3301…
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: LOYTEC electronics GmbH Equipment: LINX series Vulnerabilities: Cleartext Transmission of Sensitive Information, Missing Authentication for Critical Function, Cleartext…
Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante. “This malware family is capable of performing keylogging using the Accessibility Service, and is…
In the digital realm, secrets (API keys, private keys, username and password combos, etc.) are the keys to the kingdom. But what if those keys were accidentally left out in the open in the very…
Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system’s permissions-based model, which revolves around the Transparency,…