According to a security researcher, flaws in the online interface of Jacuzzi’s SmartTub app could have allowed an attacker to view and perhaps change…
General
General
Avos ransomware organisation increases its attack capabilities
We recently noticed a month-long AvosLocker promotion during a client engagement. Cobalt Strike, Sliver, and various commercial network scanners were among the tools used…
General
Magecraft campaign sheds light on the scale of the ongoing campaign
A Magecart skimming campaign, recently discovered, was traced back to an earlier attack in November 2021. Two malware domains have been tracked for hosting…
General
Flagstar reveals details of a cyberattack that was directed at it
Flagstar Bank is informing 1.5 million customers of a data breach wherein hackers acquired data. The cyberattack happened in December last year. Flagstar, a…
General
The Android-stealing BRATA malware is becoming a persistent threat
The threat actor responsible for the BRATA banking trojan has refined their tactics and enhanced the malware with data-stealing capabilities. Cleafy, an Italian mobile…
General
2022 SaaS Security Survey Report: 7 Key Findings
Learn about the emerging threats to SaaS security and how different firms are addressing them. In partnership with CSA, the 2022 SaaS Security Survey…
General
WordPress sites updated automatically to fix a critical Plugin flaw
WordPress websites using a popular plugin named Ninha Forums have been automatically updated to fix a critical flaw, and the flaw has been widely…
General
MetaMask, Phantom warn about a flaw that can steal your crypto wallets
According to MetaMask and Phantom, a new ‘Demonic’ vulnerability might disclose a crypto wallet’s secret recovery phrase, allowing attackers to steal NFTs and bitcoin…
General
A data breach at Kaiser Permanente has exposed about 70K medical records
An email compromise incident in April allowed attackers to obtain access to confidential user credentials. On April 5, Kaiser Permanente had a data breach…
General
A Microsoft Office 365 feature can help Ransomware hackers to hack Cloud files
A “dangerous piece of functionality” has been uncovered in Microsoft 365 suite that can be exploited by attackers to ransom files stored on SharePoint…