Skip to content
computer security Page 36

computer security

Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems

Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems

Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates to stage software supply chain attacks. “Attackers can leverage these… 

Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware

Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware

Oct 14, 2024Ravie LakshmananRansomware / Vulnerability Threat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware. Cybersecurity vendor Sophos said it has been… 

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf

Oct 13, 2024Ravie Lakshmanan The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and… 

FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation

FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation

Oct 12, 2024Ravie LakshmananCryptocurrency / Cybercrime The U.S. Department of Justice (DoJ) has announced arrests and charges against several individuals and entities in connection with allegedly manipulating digital asset markets as part of a widespread… 

How Hybrid Password Attacks Work and How to Defend Against Them

How Hybrid Password Attacks Work and How to Defend Against Them

Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various… 

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance

CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance

Oct 11, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIG-IP Local Traffic Manager… 

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution

Oct 11, 2024Ravie LakshmananDevOps / Vulnerability GitLab has released security updates for Community Edition (CE) and Enterprise Edition (EE) to address eight security flaws, including a critical bug that could allow running Continuous Integration and… 

Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation

Bohemia and Cannabia Dark Web Markets Taken Down After Joint Police Operation

Oct 11, 2024Ravie LakshmananCybercrime / Dark Web The Dutch police have announced the takedown of Bohemia and Cannabia, which has been described as the world’s largest and longest-running dark web market for illegal goods, drugs,…