Security Issues, Vulnerabilities, Exploits & Government Alerts
Jun 06, 2024NewsroomEndpoint Security / Malware Threat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and distribute malware such as remote access trojans and information stealers. “The…
Jun 06, 2024NewsroomData Encryption / Privacy Google has announced plans to store Maps Timeline data locally on users’ devices instead of their Google account effective December 1, 2024. The changes were originally announced by the…
Jun 06, 2024NewsroomSoftware Security / Data Theft Cybersecurity researchers have discovered a malicious Python package uploaded to the Python Package Index (PyPI) repository that’s designed to deliver an information stealer called Lumma (aka LummaC2). The…
WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) announced it will host the first annual Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force Conference, Innovations in ICT Supply Chain…
WEST POINT, N.Y. – Today, the Cybersecurity and Infrastructure Security Agency (CISA) held its second quarter 2024 Cybersecurity Advisory Committee (CSAC) meeting. During the meeting, members provided updates and voted on recommendations based on CISA…
Jun 05, 2024NewsroomCyber Espionage / Threat Intelligence An unnamed high-profile government organization in Southeast Asia emerged as the target of a “complex, long-running” Chinese state-sponsored cyber espionage operation codenamed Crimson Palace. “The overall goal behind…
Early in 2024, Wing Security released its State of SaaS Security report, offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year, several SaaS threat predictions from…
An analysis of a nascent ransomware strain called RansomHub has revealed it to be an updated and rebranded version of Knight ransomware, itself an evolution of another ransomware known as Cyclops. Knight (aka Cyclops 2.0)…
Jun 05, 2024NewsroomVulnerability / Data Security Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have currently reached end-of-life (EoL) status. Successful exploitation of three of…
Jun 05, 2024NewsroomCyber Attack / Online Security Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform. The development was…