Aug 07, 2024Ravie LakshmananLinux / Vulnerability Cybersecurity researchers have shed light on a novel Linux kernel exploitation technique dubbed SLUBStick that could be exploited to elevate a limited heap vulnerability to an arbitrary memory read-and-write…
Aug 07, 2024Ravie LakshmananEmail Security / Vulnerability Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious JavaScript in a victim’s web browser and steal…
Aug 07, 2024Ravie LakshmananCloud Security / Cyber Espionage An unnamed media organization in South Asia was targeted in November 20233 using a previously undocumented Go-based backdoor called GoGra. “GoGra is written in Go and uses…
Aug 07, 2024Ravie LakshmananCybersecurity / Incident Response Cybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of Windows devices globally. The “Channel File 291” incident,…
Aug 07, 2024Ravie LakshmananAndroid / Mobile Security, Cybersecurity researchers have lifted the lid on a new technique adopted by threat actors behind the Chameleon Android banking trojan targeting users in Canada by masquerading as a…
Aug 07, 2024Ravie LakshmananMalware / Software Security Apple on Tuesday announced an update to its next-generation macOS version that makes it a little more difficult for users to override Gatekeeper protections. Gatekeeper is a crucial…
U.K. data protection authorities have issued a provisional fine of more than £6 million to NHS vendor Advanced after finding that the company failed to properly secure the information of thousands of people later stolen…
Aug 06, 2024Ravie LakshmananEmail Security / Financial Fraud INTERPOL said it devised a “global stop-payment mechanism” that helped facilitate the largest-ever recovery of funds defrauded in a business email compromise (BEC) scam. The development comes…
A cyberattack on Mobile Guardian, a U.K.-based provider of educational device management software, has sparked outages at schools across the world and has left thousands of students unable to access their files. Mobile Guardian acknowledged…
Aug 06, 2024The Hacker NewsSaaS Security / Threat Detection Everyone loves the double-agent plot twist in a spy movie, but it’s a different story when it comes to securing company data. Whether intentional or unintentional,…