Mustang Panda, a China-based threat actor, has been improving and adding tools to attack firms located in Asia, the European Union, Russia, and the…
General
General
SharePoint, VPNs, and Virtual Machines are all on Lapsus$’ radar
The NCC Group has released a new report that reveals how Lapsus$ attacks are launched. The report goes into detail about the highly unpredictable…
General
CISCO releases patches for three flaws plaguing NFVIS software
Cisco systems rolled out patches for three flaws affecting its enterprise NFV Infrastructure Software (NFVIS). The attackers can use the flaw to compromise and…
General
F5 Security Issues a New BIG-IP Remote Code Execution Vulnerability
F5, a cloud security and application delivery network (ADN) provider, released updates on Wednesday to fix 43 problems across its products. One issue is…
General
Serious flaw plagues dotCMS content management software
A pre-authenticated remote code execution flaw has been revealed in dotCMS, an open-source content management system written in Java and “used by over 10,000…
General
Sting BazarLoader has been buzzed with bumblebee.
Proofpoint has identified a new malware loader known as Bumblebee. At least three different threat clusters tied to ransomware operations employ the loader. More…
General
IoT devices plagued by unpatched vulnerability affecting DNS
Cybersecurity researchers have uncovered an unpatched flaw that could be a potential threat to IoT products. The flaw, originally reported in September 2021, plagues…
General
Google comes out with Developer preview Android 13 Privacy sandbox
Google has rolled out the first developer preview for the Android 13 privacy sandbox. You can get an “early look” into the SDK Runtime…
General
The REvil ransomware group is back: a new malware sample confirms it
Amid escalating tensions between Russia and the United States, the legendary REvil ransomware operation has resurfaced, armed with new infrastructure and a tweaked encryptor…
General
The Indian government has ordered businesses to notify CERT-In within six hours of discovering a security breach
CERT-In, India’s computer and emergency response organisation, released new guidelines on Thursday that service providers, intermediaries, data centres, and government institutions should disclose cybersecurity…