According to a security researcher, flaws in the online interface of Jacuzzi’s SmartTub app could have allowed an attacker to view and perhaps change…
Latest posts - Page 2
General
Avos ransomware organisation increases its attack capabilities
We recently noticed a month-long AvosLocker promotion during a client engagement. Cobalt Strike, Sliver, and various commercial network scanners were among the tools used…
General
The Android-stealing BRATA malware is becoming a persistent threat
The threat actor responsible for the BRATA banking trojan has refined their tactics and enhanced the malware with data-stealing capabilities. Cleafy, an Italian mobile…
General
2022 SaaS Security Survey Report: 7 Key Findings
Learn about the emerging threats to SaaS security and how different firms are addressing them. In partnership with CSA, the 2022 SaaS Security Survey…
General
MetaMask, Phantom warn about a flaw that can steal your crypto wallets
According to MetaMask and Phantom, a new ‘Demonic’ vulnerability might disclose a crypto wallet’s secret recovery phrase, allowing attackers to steal NFTs and bitcoin…
General
A data breach at Kaiser Permanente has exposed about 70K medical records
An email compromise incident in April allowed attackers to obtain access to confidential user credentials. On April 5, Kaiser Permanente had a data breach…
General
The new Syslogk Linux rootkit employs magic packets to activate the backdoor
Syslogk, a new Linux rootkit malware that uses specially designed “magic packets” to awaken a dormant backdoor on the system, is being utilised in…
General
Vulnerabilities in Fujitsu Cloud Storage Could Allow Attackers To Access Backups
Unauthorized attackers were able to access backups thanks to serious security flaws in Fujitsu’s cloud storage infrastructure. The flaw specifically affected the FUJITSU ETERNUS…
General
Apple M1 CPUs have a new flaw that can’t be patched, according to MIT researchers
A new hardware attack known as PACMAN has been shown against Apple’s M1 processor chipsets, potentially allowing a destructive actor to get arbitrary code…
General
AvosLocker and Cerber2021 ransomware were installed on Confluence servers
For first access to corporate networks, ransomware gangs are now targeting a newly patched and actively exploited remote code execution (RCE) vulnerability affecting Atlassian…