Skip to content
information security Page 164

information security

High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners

High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners

?Jan 15, 2024?NewsroomOperational Technology / Network Security Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners that, if successfully exploited, could allow attackers to execute arbitrary code on affected… 

Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability

Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability

?Jan 15, 2024?NewsroomWebsite Security / Vulnerability Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware called Balada Injector. First documented by Doctor Web in January… 

DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023

DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023

?Jan 15, 2024?NewsroomServer Security / Cyber Attack The environmental services industry witnessed an “unprecedented surge” in HTTP-based distributed denial-of-service (DDoS) attacks, accounting for half of all its HTTP traffic. This marks a 61,839% increase in… 

New Findings Challenge Attribution in Denmark’s Energy Sector Cyberattacks

New Findings Challenge Attribution in Denmark’s Energy Sector Cyberattacks

?Jan 14, 2024?NewsroomCyber Attack / Vulnerability The cyber attacks targeting the energy sector in Denmark last year may not have had the involvement of the Russia-linked Sandworm hacking group, new findings from Forescout show. The… 

Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

?Jan 13, 2024?NewsroomVulnerability / Network Security Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is… 

29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services

29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services

?Jan 13, 2024?NewsroomCryptojacking / Cloud Security A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person, described as… 

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. “These families…